Social Media Security: Leveraging Social Networking While Mitigating Risk [1° ed.] 1597499862, 9781597499866
Social networks, particularly public ones, have become part of the fabric of how we communicate and collaborate as a soc
489 76 4MB
English Pages 346 [347] Year 2013
![Social Media Security: Leveraging Social Networking While Mitigating Risk [1° ed.]
1597499862, 9781597499866](https://dokumen.pub/img/200x200/social-media-security-leveraging-social-networking-while-mitigating-risk-1nbsped-1597499862-9781597499866.jpg)
Table of contents :
Front Cover
Social Media Security
Copyright Page
Contents
Acknowledgements
About the Author
About the Technical Editor
1 What is Social Media?
What is social media?
Understanding social media
Different types and classifications
Collaboration
Blogs
Content communities
Social networking sites
Virtual worlds
Sites that fall under multiple classifications
The value of social media
Value can be found in the potential
Mobile social media
Cutting edge versus bleeding edge
Dealing with the “is it a fad?” question
Brief history of social networking
The problems that come with social media
Is security really an issue?
Taking the good with the bad
Bibliography
2 Opportunities of Social Media
Opportunities of social media
New methods of marketing to customers
Branding
Building social authority
Engaging customers
FOMO
Sharing information
Knowing what NOT to say
Getting the word out
COBRAs
eWOM
Hashtags
Missing the mark … mistakes in responding to people
Taking advantage of collective intelligence
Bibliography
3 Employment and Social Media
Employment and social media
Using social media to find employees
Candidate screening
Asking for a prospective or current employee’s password
Legal issues
Using social media to find employment
Getting referrals
Branding yourself
LinkedIn
Endorsements and recommendations
Creating a custom URL on LinkedIn
Getting the word out
Limiting personal information
Adding too much additional information
Public profiles
Passwords
Your password may have already been compromised
Hacking 101
Securing other settings on LinkedIn
Employees using social media
Allowing social media in the workplace
Bibliography
4 Considerations for setting up Social Media
Considerations for setting up social media
Why are we doing this?
Requirements gathering
What is the place of social media in your organization?
Is it really needed?
How will it be used?
How will it not be used?
Identifying your audience
Younger audiences
Internet versus intranet
What’s being said about your brand?
Monitoring conversations
Making the right decisions early
Setting corporate goals
Getting the right people together
Remembering technology in the equation
Nonwork computers
Shortened URLs and related risks
Examine suspicious URLs
Using centralized corporate accounts and email
Identifying how you’ll represent yourself on the Internet
Approved representatives
Preexisting accounts
Privacy
Some privacy concerns in using social media
Training and policy
Bibliography
5 Being Bold Versus being Overlooked
Being bold versus being overlooked
Good social media campaigns
Bad social media campaigns
Sometimes it’s better to be overlooked
Social media hoaxes
The human factor
The oops factor
Acronyms and abbreviations in messaging
Netiquette
Don’t feed the trolls
Content management
Stale and outdated content
Following trends
Linking content across different sites
Linking twitter to linkedin
Linking your twitter account to facebook
Linking your facebook page to twitter
Adding internet social media content to a web page
Censorship
Censorship by country
Self-censorship
Censoring your pages and blogs
Humor
Promotion of social media
Contests
Directories
Not everyone is on the internet
Bibliography
6 Risks of Social Media
Risks of social media
Sources of risk
Public embarrassment
The content you post can and will be held against you
Divorce cases and social media
Removing videos from YouTube
Removing photos and tags that others post on Facebook
Removing posts on Facebook
Hiding content
Reporting abuse
Once it’s out there, it’s out there
False information
Misrepresenting yourself
Misrepresenting your business
False information isn’t necessarily bad
Information leakage
Be clear about what’s private
Providing too much information
WikiLeaks
Corporate espionage
Retention and archiving content
eDiscovery
Backing up social media
Archive Facebook
Archive Twitter
Multisite third-party tools
Other tools for individual sites
Loss of data/equipment
Selling and recycling equipment
Wiping hard disks
Lost or stolen phone/tablet
Backup and restore
Using windows backup
Web-based solutions
Backing up a cell phone or tablet
Personal data or equipment
BYOD
Bibliography
7 The Dark Side
The dark side of social media
Cybercrime
Scams
Using secure browsing
Cyberstalking
Protecting yourself
Cyberbullying
Cybersex and other intimate issues
Romance scams
Chat rooms
Blocking chat in Facebook
Cybersex
Sexting
Fake photos and video
Explicit content on social media sites
Explicit content of yourself or loved ones
Predators
Monitoring tools
Social engineering
Dumpster diving
Phishing
Fake sites
Fake sites for purposes other than phishing
Fake or shortened URLs
Norton Safe Web
Anti-phishing protection in browsers
Hacked accounts
An example of how hacking works
Protecting yourself
Defaced sites
Keeping track of who’s logged on
Trusted contacts
Bibliography
8 Risk Management
Risk management
Assessing risks
Sources of risk revisited
Laws and regulations
Privacy policies and terms of service
Sarbanes–Oxley act
Health insurance portability and accountability act
Fair information practice principles
Payment card industry data security standard
Digital millennium copyright act
Removing content from Google
Intellectual property and trademark infringement
Discrimination
Defamation
Harassment
Insurance
Forensics
Digital forensic software
Don’t delete messages
Reverse lookups
Finding the approximate geographic location
Using Facebook
Acquiring information from social media sites
Police use of social media
Incriminating yourself
Defending yourself online
Outdated content
Direct use of social media to solve crimes
Malware, viruses, and exploit distribution
Scareware/ransomware
Baiting
Browser hijacking
Protecting yourself from backdoors and exploits
Protecting yourself from viruses and malware
Bibliography
9 Policies and Privacy
Policies
Pros and cons
Creating a policy
Online social behavior
Enforcing policies
Getting people to read it
Policies affected by social media
Acceptable use
Antidiscrimination and antiharassment
Confidentiality
Intellectual property
Records retention
Moonlighting
Noncompete and nonsolicitation agreements
Code of conduct and ethics
How not to report a violation
Privacy
Your own worst enemy
What friends say about you
Using Facebook lists
Create new lists
Restricted list
Restricting who can see your Facebook posts
Limiting past posts
Restricting who can see your friends and who you follow
Protecting your tweets
Checking the risk of a site
Blocking sites through the browser
Parental control software
Blocking users
Blocking users on Facebook
Unblocking users
Blocking invites
Blocking users on Twitter
Blocking users on YouTube
Blacklisting users on WordPress
Controlling app privacy
Managing apps on Facebook
Checking the privacy of apps before you install
Removing apps
Blocking apps in Facebook
Unblocking apps
Location awareness
Being aware of your location and situation
Location-based social networks
Removing location information from Facebook
Removing location information from Twitter
Hiding events
Privacy of photos
Geotags
Bibliography
10 Security
Security
Keeping track of accounts
Security reviews
Security strategies
Fake accounts
Brandjacking
Brandjacking as part of an attack
Defensive profiles to prevent impersonation
Reporting fake accounts on Facebook
Reporting inappropriate profiles on LinkedIn
Passwords
Bad passwords
Good passwords
Hacking 101
Verification for password resets
Protecting your account with two-step verification
Privacy and information sharing
Locking down personal information
Contact information on Facebook
Basic information on Facebook
Likes on Facebook
Privacy shortcuts
Doxxing
Doxxing 101
The human flesh search engine
Facebook graph search
Controlling exposure to search in Facebook
Content security
Preapproving or turning off comments
Stop people from posting on your timeline
Controlling what others see
Controlling tags
Hiding sections of a timeline
Seeing through the eyes of others
Bibliography
11 Where do We go from Here?
Where do we go from here?
The pitch, the promise, and the reality
Who’s in charge here?
Accountability
Accountability in a crisis
Governance
Developing plans, policies, and guidelines
The scope of making decisions
Reviewing membership
Clear and understandable roles
Crisis management
Continuity planning
Monitor social media
Reading is fundamental
Notifications
Setting notifications on Facebook
Setting notifications on Twitter
Keeping track of “likes”
Hijacking
Keeping track of dislikes
Monitoring hashtags
Hijacking
TweetDeck
Using tools on blog sites
Facebook insights
Google analytics
Monitoring multiple social media sites
Keeping it fresh
Deciding what’s working and lessons learned
Creating Facebook pages
Security settings
Vanity URLs
Usernames for accounts
Dialing it back and retaking control
Reviewing social media
Getting rid of accounts, pages, and sites
Deactivating a Facebook account
Deleting a Facebook account
Deactivating a Twitter account
Closing a LinkedIn account
Deleting or unpublishing Facebook pages
Friends versus followers
Removing friends and who you’re following
Additional administrators
Adding and removing administrators on a Facebook page
Adding and removing roles on a WordPress blog
Ongoing training
Bibliography
Index
