Establishing your social media presence with security in mind
The article starts on page 100 of the pdf and focuses on corporate security. Corporate use of social media brings some interesting risks, ones that traditional security defenses can’t necessarily protect you from.
Reputation damage is by far one of the most interesting risks businesses take in the SM realm, but the only real defense is to admit mistakes quickly, acknowledge a problem and offer effective solutions.
SpinHunters is part of the GNUCitizen network and specializes in reputation protection, which is like PR meets security.
While I’m on the topic, let me put some basic social media security tips out there for the individual.
-Don’t publicize your birthday. Many things require your birthday as a means to access your accounts. Utilities, banking etc. require this information to confirm your identity over the phone. Also, some websites only require a birthday to reset a password.
-Have a default answer for security questions and use it as a second password, not the actual answer to the question. So for example, if the website asks for the name of your first pet or mother’s maiden name to reset a password, use your secondary password as the answer. Extracting things like your first kiss, pet, car, etc. is relatively simple for a social engineer.
-Be aware of who you allow to see profiles where you divulge a significant amount of information about yourself. Examples include facebook and linkedIn. These can include school/work info, birthdays and photos (see: reputation protection). If you are going to add people you don’t know, try to take advantage of the network’s built in secuirty features like limited profiles.
-Be aware of the information you share. These ‘24 things about me’ surveys are a social engineer/phisher’s wet dream.
Article link via Liquidmatrix
-
benmcmath reblogged this from kylecooper
-
kylecooper posted this
