In a recent blog post I suggested that, while social networking (e.g., facebook, myspace, twitter, orkut, LinkedIn, etc.) is here to stay, one needs to be somewhat circumspect in using them. I focused mostly on “apps” within these social networking communities. These apps often want access to your personal information or want you to install or run some program at their behest.
As a follow-up, I’d like to discuss some general ways in which you can improve the likelihood that you will not get your personal or business systems hacked while still being able to enjoy the fruits of these dynamic, fast-growing communities.
- Think before you click on anything asking:
- you to install some “missing piece of software” (e.g., a dll, driver, codec) and perhaps offering to forward you to the site where you can install it now and then proceed with your original task. Do you know the software provider?
- Review your privacy settings periodically, there are many recommendations in this regard in the mainstream media (see table at bottom).
- Don’t lend the use of your computer (laptop, desktop) to anyone that might be reckless with it. If the borrower surfs to an infected web site and your account on the PC becomes infected then they have unwittingly put your personal information at risk. To mitigate the danger – always create a separate account for other users (either one account per person for regular users, or) a shared guest account for people that just want to use a browser for short time. When creating such accounts do be sure they are not endowed with any administrative powers. Delete all the files they leave behind and perform a virus/spyware scan. Don’t think of it as being distrustful, think of it as good hygiene.
- Taken to its logical extreme, you might seriously consider having a completely separate system for when you are working on your high privacy stuff (employee personal info., online banking, personal/business financials, tax returns, medical bills/records, …). This will almost guarantee that your private information stays that way. **
Although it may sound like I need to lighten up, if you read some of the horror stories about people that have experienced ID theft, you may decide I am not being adamant enough! Of course, you have to find a happy medium for your circumstances. Hopefully, the list above will help you make more informed decisions before you click.
High level: NY Times
Very detailed: AllFacebook
For better privacy control, switch from profile 1.0 to profile 2.0.
Walk-through: Network World
** If you are computer savvy enough to know about virtual machines (VM) – you can get much of the same degree of isolation using a separateVM, instead of a separate piece of physical hardware.