Staying Safe On Social Network Sites

Duke IT Security Office reminds community to consider security when interacting online

When it comes to social networking, Cara Rousseau likes being "out there." As Duke's social media manager, she shares information about the university in daily posts on Facebook and Twitter.

But she's also careful to protect herself and her information online, because she understands the risks of exposing too much on social networks.

"It's an individual's preference for how much information he or she wants to share publicly," Rousseau said. "There's a huge range of privacy settings and ways to customize who can see your information. But the best rule of thumb is to think about anything you're putting out there as public, no matter what your privacy settings."

As part of National Cybersecurity Awareness Month in October, the Duke IT Security Office is reminding students, faculty and staff to keep security in mind when interacting on social networks. 

The popular social networking platform Facebook, for instance, is notorious for changing privacy settings without notice, said Richard Biever, Duke's chief information security officer.

 "Remember, you are not the customer of a social networking site. You are the product," Biever said. "They can take the information you put on their platform and repurpose it for selling ads and data mining for advertising."

The Internet provides a sense of anonymity, and the lack of physical interaction can create a false sense of security. Some users tailor posts for their friends to read, forgetting others may see it. They may not be aware photos and text can be retrieved even after deletion.

"What you post on social networking sites could be used against you," Biever said. 

Because of the popularity of social networking sites, attackers use them to distribute malicious code, often through third-party applications. Those applications can infect computers or share personal information without a user's knowledge.

To protect herself, Rousseau stays up-to-date on privacy and security issues by reading technology blogs regularly. She has created various Facebook groups to customize who can see different types of content.

She doesn't recommend creating two profiles to separate the personal from the professional but advocates a healthy sense of skepticism.

"Not everything online is what it appears to be, and there's a certain amount of risk whenever you click," she said. "While these platforms offer a lot of value, you need to filter incoming content carefully and understand that what you put out there stays out there. If you're not sure if it should be posted to Facebook, then don't post it."