Trevor Nelson

SOCIAL MEDIA SAFETY

B.S. in Computer Information Systems from Bradley Concentration in Security and Distributed Systems

Application Security Analyst at Pearl Technology Software Analysis Systems Testing Consulting and Contract Management

Certified Ethical Hacker

ABOUT ME

Why is privacy important?“Being Found”

Tools of locationFacebook and Twitter privacy

Best practices Examples

Internet Visibility Reducing your “footprint”

Preventative MeasuresGeneral Security tips

Good passwords, spotting hacking attempts, open connections

OUTLINE

Your data is valuable to companies If the product is free, YOU are the product!

Social relationships are not flat!There’s no UNDO button

Once its out, it stays outWho’s looking at you?

Administrative offi cials, co-workers, students? HR researches prospective candidates

Obscurity is NOT security!

WHY IS PRIVACY IMPORTANT?

Oversharing is commonGoogle Searches (with logical operators)

Ex: “Trevor Nelson” AND “Bradley University” OR “Galesburg High School” OR “2009”

People Search Engines Spokeo.com, whitepages.com

Social Media SearchUsername Checkers

Namechk.com

“BEING FOUND” – METHODS OF LOCATION

NAMECHK.COM

Cyber stalking The act of using the internet to aggressively tail someone

against their willCyber stalkers love location services!

Facebook “check-ins”, Location-based Tweets, Foursquare, Google Location

People may maliciously attempt to use information against you based on beliefs or words

BEING FOUND

Build Lists Friends, Acquaintances, Family, Professionals Create your OWN lists, don’t use defaults

Don’t accept all friend requests!Set profi le to “Friends Only”Turn off search engine indexingRemove unused appsName obfuscation? (Personal preference)Obscure your profi le pictureUnlike irrelevant pages, leave old groups

FACEBOOK – BEST PRACTICES

Disable Instant PersonalizationDisallow using your likeness in ads Disallow third party sites from using you in adsSet Review tagged posts before allowing them to ON

Disclaimer: This does not REMOVE the tag from the original poster, just from your own wall.

Edit your profi le, define limits of who sees what (have you made your lists?)

And of course, watch what you post!

FACEBOOK BEST PRACTICES CONT’D.

View your profi le through the eyes of others:

FACEBOOK BEST PRACTICES CONT’D

Look things over carefully and often:

REVIEW SETTINGS

BAD “APP”LES

LIMIT YOUR AUDIENCE

Do not use your full name!Use an ambiguous photoDo not link your account to untrusted websites

News comments, untrusted apps, sites requiring a sign-in Protect your TweetsDisable location tagging

Does everyone need to know where you are at every moment?

TWITTER BEST PRACTICES

TWITTER BEST PRACTICES

Major services outside of Facebook and Twitter LinkedIn, Foursquare, Yelp, Instagram, Vine

Use your best judgment, assume everything is publicThe LinkedIn Problem

By its nature, you want your resume-related information visible

Avoid connecting to Facebook in any way!

WHAT ABOUT OTHER SITES?

Footprint is defined as your online presence Number of social profiles, appearances on websites and

searches, “searchability”Hide these profi les from Google! If you cannot do that…

CHANGE information such as names, locations, education, workplace

Delete old profi les Are you seriously using MySpace?

REDUCE YOUR ONLINE “FOOTPRINT”

Set good passwords Avoid dictionary words and personal information: your

first/last name, birthday, hometown Most common passwords: 123456, password, cats, music

etc.Do not trust everything! Apps especially

If it sounds too good to be true, it is Safe apps will not spam friends lists when you use them

Never give out a password! No service will ask for your password directly

Do not connect to open Wi-Fi Like broadcasting your information on the radio Use HTTPS / Encryption

GENERAL SECURITY TIPS