Have You Changed Your Facebook Privacy Settings Lately

A recent survey illustrates that many users are not even taking advantage of the tools to protect their privacy.

Is your social network secure? Do you even know where the account security and privacy settings are, or what the default settings are? A recent survey conducted by ESET illustrates the relative insecurity of social networks--which is alarming given the volume and sensitivity of information that is shared on them.

Social networks are fertile ground for malware attacks and scams. The very concept of the social network assumes some degree of trust and sharing, and attackers can prey on that inherent trust. You know enough to ignore that email from the Nigerian prince (please, tell me you know enough to ignore that email!), but would you have enough skepticism or common sense not to click on a link sent from your own mother?

Privacy is subjective to some extent. Some people are comfortable sharing things that others find too sensitive or invasive. The thing is, social networks like Facebook provide you with the tools you need to customize the security and privacy to your liking...assuming you ever take the time to do so.

The ESET survey found that 20 percent of the respondents have never changed their privacy settings, and another 19 percent haven't done so in the past year. If you follow the tech headlines, you know that privacy and security issues come up frequently, and social networks implement new security controls, and changes to privacy policies. Not checking or updating privacy settings in the past year is essentially the same thing as never changing them.

Here are some interesting findings from the survey:

• 69 percent of account owners are concerned about security

• 67 percent expressed concern about privacy

• 37 percent are concerned about someone creating a fake account in their name

• 95 percent of social networking account owners accept friend/follower/connection request always or sometimes

• 71 percent of social networking account owners are concerned that their personal information entered on social networking sites may be sold or shared without their knowledge for profit.

As with many areas of technology and security, though, there seems to be some disconnect between perception and action. Users are concerned about security, but automatically accept invitations and friend requests without thinking about it. Users are worried about privacy, but nearly half haven't even looked at the privacy controls available to them in the past year.

You have the power. Go to your Facebook profile, click the Account link at the upper-right, and select Privacy Settings. Facebook clearly displays the current privacy settings to show you which information is shared with Friends Only, Friends of Friends, Everyone, or Other--the other being a customized setting. For example, you can choose to share with Friends, but exclude specific friends from access, or you can share information only with specified accounts rather than all friends.

You can choose whether or not to let others tag you in photos, or who can see photos that you're tagged in. You can determine whether or not your friends are allowed to post things directly to your wall. You can decide whether or not your friends can check you in on Facebook Places. All of the controls are there for you. You just have to spend the 15 minutes to make conscious decisions about how to secure your information and protect your privacy.

As I mentioned above, though, things change. Setting your account security and privacy settings is not a set-it-and-forget-it sort of thing. You should revisit the privacy controls every few months, see if anything has changed or been added, and confirm your choices once again.

Join the CSO newsletter!

Error: Please check your email address.

Tags Internet-based applications and servicessecuritysocial mediainternetdata protectionprivacyFacebook

More about BilletworkFacebook

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Tony Bradley

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts