Using social networking safely: tips from security pros

How to maintain your privacy and safety online

Howard Schmidt was reluctant to hop on the social networking bandwagon — a by-product, he says, of the paranoia he internalises as a security professional. Eventually, though, Schmidt — the one-time cybersecurity adviser to President Bush and itinerant CISO turned consultant — decided the positives outweighed the negatives. He joined not just one social network but three: Facebook, LinkedIn and MySpace.

"My response to those in the security business lamenting the existence of Facebook and MySpace is to ask them if they've ever been on it," says Schmidt.

Bill Boni, too, took the social networking leap — with gusto. The long-time corporate vice-president of information security and protection at Motorola, he has now racked up more than 500 connections on LinkedIn. For him, social networking is all about amplifying his effectiveness as a security executive. He says the site allows him to keep in touch with people and gives him an opportunity to tap into "additional sources of expertise."

Despite the well-publicised security and privacy risks of social networking, both Boni and Schmidt say it's possible to reap the benefits of social networking and stay safe at the same time. You just have to stay vigilant and be smart. Here's their advice.

1. Do your homework.

Boni hesitated to join LinkedIn until he had adequate time and opportunity to research the site. Despite being recruited to join by numerous colleagues whom he trusted, he wanted to pass his own judgement first.

Before you join, talk to people you know and trust about their experiences with social networking. Different people have different comfort levels, which may dictate which site (or sites) you decide to join. For instance, LinkedIn contains mostly fields for resume-type information, while Facebook also asks about your politics, religion and favourite books and movies (not that you have to answer). After reviewing each site, ask yourself which site you would benefit from most, what type of features you want and what type of information you are comfortable sharing. Schmidt notes that careful research also may help quell your anxieties and misconceptions about social networking.

2. Secure your settings

The benefit of social networking is directly related to the openness of it, Schmidt says, so privacy and security can be tricky. But each site has various options, and you can decide how much or little you want or lock down your information. Profiles on any of the sites can be set as public or private — with a private profile being accessible only to those you are connected to or "friends" with.

You can also control various aspects of your profile on each site. Facebook, for instance, allows you to control who can contact you, who can find you in a search and what information they will find. You can also set up a limited profile for when you want to connect with someone but not share everything. On LinkedIn, where there's less information that may be of privacy concern, you still can decide whether or not people are notified when you make changes to your profile and whether people whose profile you visit will know that you (or someone at your company) has been there.

3. Be careful who you link to

The implicit risk in a sharing site is that it's open to anyone who follows the terms of use, says Boni. "That means [in addition to all the good people]," he says, "there could be members of organised crime, criminal undergrounds, or people with malicious intent lurking on there." That's why it's crucial to control who you allow into your network.

If you receive a link request from someone on claiming to know you through another connection or "friend," check with that connection to make sure the request is legitimate. Don't accept someone who you don't know or haven't checked out. "This is a tool that can make people more productive and effective," Boni says, but only "if it's balanced with common sense and a healthy scepticism about unsolicited communication received from unknown parties."

4. Avoid the TMI trap.

As pro-social networking as Boni and Schmidt are, both say that you are your own worst enemy online, and the risk is always there that you will disclose too much information. "Some people aren't fully cognisant of the fact that what they put up there is going to be exposed to all kinds of people," says Schmidt.

Adds Boni, "People need to be sceptical and cautious when leveraging these networks. There are lots of things people shouldn't tell others, but they do anyway." And that, he says, can lead to social engineering and elicitation — when someone uses what they know about you to try to learn something about you or your company that's better not disclosed.

That's why Boni says he won't disclose anything of real concern to him. "It's my responsibility to exercise reasonable judgement when I decide what information I want to disclose," he says. Boni sees his account on LinkedIn strictly as a way to help him do his job better — and as a result, he only provides information related to his professional self.

Schmidt, on the other hand, sees an advantages in blurring the personal and professional lines. Because of MySpace, he realised that one of his CEO colleagues was an avid fisherman, as is he. Another friend turned out to be an amateur photographer — so is Schmidt. "It helps you build trust and a better understand of who they are, which enhances your business relationship," he says. And that's the whole idea.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Katherine Walsh

Show Comments

Cool Tech

Breitling Superocean Heritage Chronographe 44

Learn more >

SanDisk MicroSDXC™ for Nintendo® Switch™

Learn more >

Toys for Boys

Family Friendly

Panasonic 4K UHD Blu-Ray Player and Full HD Recorder with Netflix - UBT1GL-K

Learn more >

Stocking Stuffer

Razer DeathAdder Expert Ergonomic Gaming Mouse

Learn more >

Christmas Gift Guide

Click for more ›

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?