Hit the Reset Button: A New Guide to Facebook Safety and Privacy

Comments

Facebook is now in the process of releasing dramatic updates to its ever-evolving privacy features. These updates contain some new tools to help secure your privacy and online identity. And if you haven’t reviewed your settings recently, now it the perfect time to do so.

How do  you know if the new features are available to you? Go to Account> Privacy Settings. If you see the settings above, you’re in.

F-Secure Labs Security Advisor Sean Sullivan walked me through the updates, identifying the most relevant changes for cautious users. Based on what we’ve found, here’s what you need to do now—if you haven’t already—to secure your Facebook account.

1. Secure your PC and password.
How to do it:
A. Update your system and security software. Our Health Check makes this easy.
B. Choose a password that can’t be guessed. Make it a password that you only use for this account and none of your “friends” will able to guess. Don’t choose a word in the dictionary or any word mentioned on your profile. Here’s system that our Labs recommend.

Why?
Updated Windows 7 or Mac OSX software along with updated security software will protect you from most threats in case you ever make a mistake online. I also recommend you back up your data in a remote location (off-site physical backup or online backup) for complete protection.

2. Go “Friends Only”.
How to do it:
A. Go to Account> Privacy Settings.
B. Under “Control Your Default Settings” click “Friends.”

Why?
Go with “Friends Only” because you can now choose how to share any post or picture with “Public”, the maximum audience, “Friends” or “Custom”. Custom includes options to select specific friends, “Friends of Friends” or “only me.” Or you can block specific people from each post. You can make this decision each time you post. So start it’s smart to start with the safest setting just in case you post something you shouldn’t have.

Also, you can now change the privacy setting of any old post or media you posted. This is a good new addition. However, certain things like your name, friends lists and the comments you make on Facebook pages will always be public.

You can decide how and who can find and contact you on Facebook in your Privacy settings by clicking “Edit Settings” for “How You Connect”.

3. Hit the “reset button” and turn all your past posts to “Friends Only”.
How to do it:
A. Go to Account> Privacy Settings>
B. Next to “Limit the Audience for Past Posts” click “Manage Past Post Visibility”.
C. In the pop-up, click “Limit Old Posts”.
D. In the next pop-up, click “Confirm”.

Why?
Why not? You can always change an old post to make it public again if necessary. Anything you share on Facebook can be reshared in some way by anyone who has access it. With this one step you’re saying I only want my friends who I trust to have access to everything I’ve done on Facebook. Facebook assumes you know your friends. That’s the official word in a recent official Guide to Facebook Security (PDF).

Of course, Facebook also profits from social games that flourish because people friend new people ravenously. So it’s a good idea to give your Friends List a quick scan and unfriend anyone you don’t know or trust—unless you’re a game player. Then you should know that Facebook appreciates your business but isn’t designed to protect your privacy

4. Turn on Profile Review to approve all posts and pictures tagged with your name before they’re posted on your wall.
How to do it:
A. Go to Account> Privacy Settings.
B. Next to “How Tags Work” click “Edit Settings”.
C. In the “How Tags Work” pop-up, click “Edit” next to “Profile Review”.
D. In the next pop-up, click “Turn on Profile Review”.

Why?
Anyone on Facebook can now tag you in a photo or a post. With Profile Review, you’ll be able to decide which photos and posts tagged with your name show up on your wall.

While you’re on the “How Tags Work” pop-up, you may also want to disable “Friends Can Check You Into Places”. This won’t stop someone from saying you’re at a bar on your lunch break, but it may prevent your friends from seeing such a fictional check in. If you don’t want Facebook to put you in its facial database to recognize you when you appear in your Friends pictures, click “Edit” next “Tag Suggestions” on the “How Tags Work” pop-up. Then select “Disable”.

5. Set your Account Security.
How to do it:
A. Go to Account> Account Settings>
B. On the left-hand column, click “Security”.
C. Click “Edit” next to the “Security Question”. Pick a question only you will be able to answer.
D. Click “Edit” next to “Secure Browsing”. Click the box next to “Browse Facebook on a secure connection (https) when possible” and then click Save Changes. You’re browsing will now be secured when it can be.
(Many apps and games are not yet updated for secure browsing. Using these may boot you out of Secure Browsing. But Facebook seems to put you back into secure browsing as soon as it can.)
E. For extra protection, click “Edit” next to Login Approvals. Then click the box next to “Require me to enter a security code each time an unrecognized computer or device tries to access my account” and click Save Changes. This will create a little hassle but could also prevent your account from being hacked.

Why?
These tools are the extra protection you need to greatly reduce the chances of your account being hacked. And if you do get hacked, an active secondary email account and a good security question will help you get it back.

6. Turn off Public Search
How to do it:
A. Go to Account> Privacy Settings>
B. Next to “Apps and Websites” click “Edit Settings”.
C. Next to “Public search”, click “Edit Settings”.
D. Make sure the box next to “Enable public search” is NOT checked.

Why?
Do you want your Facebook page to be the first thing to come up if an employer, an ex or your mom does a Google search of you? If your answer is yes, click that box. If not, limit the ability to find you within Facebook and Facebook apps.

7. Click with caution.
How to do it:
A. Think twice before you ever click the “Post” button.
B. Think thrice before you click on the links posted by friends.

Why?
Clicking on a bad link could expose you to malware or scams. This is when you need your updated software to protect you most. For extra protection, use our free ShareSafe App to share links with your Facebook friends. You’ll even earn points that can be used to win rewards.

8. Limit the information shared with Apps.
How to do it:
A. Go to Account> Privacy Settings>
B. Next to “Apps and Websites” click “Edit Settings”.
C. Next to “Apps you use”, click “Edit Settings”.
D. Click the “X” box to delete any app you aren’t using.
F. Go back to App settings, and click “Edit Settings” next to “How people bring your info to apps they use”. Uncheck every box and click Save Change.
E. For extra protection, turn off all applications until you need them. Do this by clicking “Turn off all platform apps” in the Apps, Games and Websites settings.
F. For even more protection, turn off “Instant Personalization” which automatically shares your public information with Facebook’s partner sites. Do this clicking Edit Settings next to “Instant personalization”. UNCHECK the box next to “Enable instant personalization on partner websites.”

Why?
When you’re dealing with apps, you’re dealing with third-party developers who you may not know or trust. The actual language Facebook uses to clarify how and when your information may be shared through apps and friends is difficult to decipher.

The more you limit the data you’re sharing, the more control over your identity you have. We say eliminate the unknowns; opt out of sharing until you have a reason to opt in. You should also know if you use an app, there’s a chance your friends could find see that. So keep that in mind every time you try out a new app.

BONUS TIP: Tell Facebook not to use your  image or name in ads.
How to do it:
A. Go to Account> Account Settings>
B. On the left-hand column, click “Facebook Ads”.
C. Click “Edit third party ad settings”.
D. Next to “If we allow this in the future, show my information to” select “No one.”
E. Click Save Changes.
F. Click “Facebook Ads” again and click on “Edit social ads setting”.
G. Next to “Pair my social actions with ads for” select “No one.”

Now check your work. See how other people see your profile.
How to do this:
A. Go to Profile.
B. In the upper right corner, click on View As…
C. View how specific friends or the “public” sees you.

A sign posted on a wall in Facebook headquarters says: “Move fast and break stuff.”

Facebook’s transition into secure/https browsing, is a good example of how Facebook improves privacy and security in a steady, if occasionally buggy, way.  As you explore these new features, you may notice, for instance, that Facebook still may use the word “Everyone” in one or two places, though they announced that they’re transitioning to the word “Public.” But the changes here are for the better.

These updates are, of course, not enough for some critics. As usual, you should expect some unforeseen consequences, as there nearly always are when 750 million active users have to reexamine how they use the largest social network ever created.

Your security depends on you and your friends knowing how Facebook works. Now that you know how to protect yourself, I hope you share this information with someone you care about.

Follow F-Secure on Facebook for more security and privacy tips.

Cheers,

Jason

comments powered by Disqus
Powered by WordPress.com VIP
Follow

Get every new post delivered to your Inbox.

Join 337 other followers