University of Kentucky College of Agriculture

Security for Social Media

Due to the ever-evolving security/privacy structure of social media, this document is intended as a set of guidelines/recommendations on security best practices for social media. The technologies this document will focus on are Facebook, Twitter, YouTube, Flickr and Linkedin.

Remember, when creating a social media presence, regardless of what levels of security you choose, the intended purpose of social media is to share information with others.  Another factor to consider is creating a “professional” profile versus “private” profile. Keeping two profiles may seem cumbersome, but it will more easily allow you to manage the information you share. Everything you do online can and will live forever.

Facebook: Security Best Practices

1. Account/password security: Use a complex password, use a different password for each online account, don’t share your password with anyone, and be careful where you enter your password (make sure your actually on the correct login page).

2. Privacy Settings: Facebook privacy settings change frequently, you should check yours on a regular basis:

a. Carefully review Facebook’s Privacy Guide because privacy settings frequently change. A useful tool is the “how others see you” tool which can help you configure your sites security to your desired level. Make sure and review your sites privacy settings after each redesign of the site, privacy settings can revert to a less-safe default mode after site redesigns.

b. While Facebook recommends privacy settings be set to “everyone,” consider using the more restrictive options of “friends of friends” and “friends” should be considered if you don’t want everyone on the Internet to access certain parts of your site.

c. Think carefully about who you allow to become a “friend.” Once you add someone as a friend, they will be able to access information that you marked viewable by friends, this may include personal information. They will also appear in your friends list, viewable by other friends. There is the “limited friends” option which allows these friends to see a “cut-down” version of your profile.

d. If you are really concerned about privacy, disable options and then open them up one by one until you acheive your desired privacy level.

A few other tips: don’t leave your full birth date in your profile; don’t mention that you will be on vacation/away from home and don’t display your address.

3. Profile/Account Security: You can do several things to keep your profile from being compromised:

a. List a security question/answer for your account. Add a mobile number that can be used to help identify or confirm your account/identity.

b. Be suspicious of urgent emails, emails asking for your password/account information, with misspelled words or bad grammar.

c. Don’t click on links or open attachments in “suspicious” emails and even be wary of these in messages from friends (their account could be compromised).

d. If your account appears to be compromised/spamming, immediately reset your password. If for some reason you can’t do this, use this link to contact Facebook: http://www.facebook.com/help/?faq=15838.

For more information visit these sites:

Facebook Security Help Site:

http://www.facebook.com/help/?page=420

Sophos Facebook Privacy/Security tips

http://www.sophos.com/security/topic/facebook.html

Electronic Privacy Information Center

http://epic.org/privacy/facebook/


Twitter: Security Best Practices

While Twitter doesn’t have many of the inherent threats that accompany Facebook, you still need to be aware of basic security principles regarding your account/site. Below are a few tips for securely using Twitter.

1. Privacy: You can set up your site as protected (only followers can see your tweets) accessible by anyone. Don’t include any personal information in your profile. Create a personal and work account to keep your personal tweets separate from work-related tweets. Don’t tweet personal information, confidential information related to your work, or be to specific in your tweets (ex. just bought xx for $$). Use a direct message if you want to share confidential information with someone else via Twitter.

2. Account/Password: Don’t use the same password you use for other social media sites/accounts. Make sure your password is sufficiently complex/unique.

3. Fake accounts: Beware of fake accounts, don’t click on links posted on suspicious Twitter sites. Fake users are usually following many people, but have few tweets and followers.

For more information visit these sites:

Twitter Privacy Policy:

http://twitter.com/privacy

Twitter “Do’s and Don’ts”

http://www.twitip.com/twitter-security-dos-and-donts/

Information regarding fake Twitter accounts

http://community.ca.com/blogs/securityadvisor/archive/2010/04/30/stay-sa...


YouTube, Flickr, and LinkedIn: Security Best Practices

These sites don’t have as many security threats, but you should still consider privacy and security when using them.

1. Use a different login/password than you use on other sites and don’t give out your account information.

2. For YouTube and Flickr, keep personal videos or pictures private. Be careful what you share.

3. Read and understand the terms of service; abide by the terms or pay the consequences…

4. Make sure your contact/professional information is current and accurate(LinkedIn). Don’t include any information that might be personal (home address, birth date, etc.)

For more information visit these sites:

YouTube Privacy Policy

http://www.youtube.com/t/privacy?hl=en

YouTube Safety Center

http://www.google.com/support/youtube/bin/request.py?contact_type=abuse&hl=en-US

Flickr Privacy Policy

http://info.yahoo.com/privacy/us/yahoo/flickr/details.html

Flickr Community Guidelines

http://www.flickr.com/guidelines.gne

LinkedIn Privacy Policy

http://www.linkedin.com/static?key=privacy_policy&trk=hb_ft_priv

LinkedIn User Agreement

http://www.linkedin.com/static?key=user_agreement

Contact

UKAg News Facebook Page UKAg News Twitter account

If you have any questions related to Marketing (logos, templates, orders) or comments about the Marketing website, please contact becky.simmermacher@uky.edu. We welcome feedback on how we can make this site more useful for you. Thank you.

Land-Grant Institution

The University of Kentucky College of Agriculture was founded as, and remains a land-grant institution, offering access to knowledge and learning for citizens and students throughout the Commonwealth. Our research, teaching, and extension programs are part of a national system that maintains a statewide presence and links local, state, and global issues.

Read more about 100 Years of Extension

Read about the 150 year sesquicentennial of the Morrill Act at UK