Τετάρτη, 10 Φεβρουαρίου 2010
Mobile social networks: ENISA's golden rules
EU cyber-security agency ENISA issued a report on mobile social networking - "Online as soon as it happens".
From the summary:
"The report describes the social networking world and the mobile phone services allowing the users to experience the social networking sites (SNSs) on their handset, also illustrating the major risks and threats connected to their use. While many of the privacy issues originating from the web-based access to SNSs also apply to mobile social network s, there are also a number of unique risks and threats against mobile social networks. The report aims to provide a set of recommendations for raising the awareness of social networks users and in particular of social mobile users of the risks and the possible consequences related to their improper use."
Here are their recommended golden rules "to raise awareness about the risks and threats related to the misuse of social networks, in particular when accessed through mobile phone, with advice on how to avoid unwanted consequences":
Pay attention to what you post and upload
Consider carefully which images, videos and information you choose to publish
Remember that a social network is a public space; only post information or upload images you are comfortable with, keeping in mind that at a later stage you might be confronted with the content you uploaded, e.g. in a job interview. Information and pictures you post online should be considered permanent. They can be copied and stored by other individuals and can resurface years later in search engines.
2 Never post sensitive information
Do not make information such as address, date of birth or financial data available in your profile. A criminal might access your profile and steal your identity.
3 Use a pseudonym
You do not need to use your real name in an online profile. Using a nickname can help you protect your identity and privacy; only close contacts will know who is behind the nickname.
Choose your friends with care
4 Do not accept friend requests from people you do not know
Be selective about who you accept as a friend on a social network. You do not have to feel obliged to add someone to your friends’ list. Politely refuse or simply ignore the request.
5 Verify all your contacts
Ensure that the people you are in contact with or who sent a friend request are really who they say they are. Do not trust them immediately.
Protect your work environment and avoid reputation risk
6 When joining a social networking site use your personal e-mail address
Do not use your company e-mail address but your private one and do not post confidential or competitive information about your organization. Be careful about the information you reveal about your workplace, for example do not post pictures shot in front of your office with the company's address or logo on the background that may lead to your job or workplace address.
7 Be careful how you portray your company or organisation online
Consider what your employer would think before posting any comments or material online about your company or organisation.
8 Do not mix your business contacts with your friend contacts
You have no control over what your friends may post online or how they may portray you and consequently what your employer, colleagues and clients may be exposed to.
Protect your mobile phone and the information saved on it from any physical intrusion
Do not let anyone see your profile or personal information without your consent
Before accessing your profile through your mobile phone pay attention to the environment and people that are surrounding you. If someone is trying to see what you are doing access your profile in a safer place.
10 Do not leave your mobile phone unattended
Someone with malicious intent could update your profile and status with false details. Remember to log out from the social network once your navigation is over and not to allow the social network to remember your password (this function is called ‘Auto-complete’).
11 Do not save your password on your mobile phone
Mobile phones can be easily lost or stolen and if you save your password on your mobile device anyone who may have possession of it can access your profile, see your pictures and friends. Try to commit your password to memory and if you write it down be careful where you store it.
12 Use the security features available on your mobile phone
Remember to lock the keypad when not in use and to protect the device with a PIN or a password. Backup your details to another device such a PC in case your mobile phone is lost or stolen. Configure connections (such as Bluetooth and Wi-fi), especially in airports and public spaces, to be secure and if your mobile device has a built in firewall remember to enable it.
Respect other people’s privacy
13 Be careful what you publish about someone else
Do not upload pictures or personal information regarding other people without their consent. You might commit a criminal offence.
Always be informed about who provides the service and how your personal information will be used and who has the right to access the information you post.
Protect your privacy with the privacy settings
15 Use privacy-oriented settings
Set the profile privacy level properly. Check the privacy settings of your profile — who can see your pictures, who can contact you and who can add comments in order to avoid making your profile available to everyone.
Report immediately lost or stolen mobile
16 Be careful when using your mobile phone and pay attention to where you put it
Report immediately stolen or lost mobile phone with contacts and pictures saved in its memory and personal information regarding you and your friends (e.g. those friends whose contacts on the SNS have been synchronized with the mobile phone) and change the passwords on the social networks your are a member of.
Pay attention to the location based services and information of your mobile phone
17 Deactivate location based services when not using them.
Remember to deactivate location based features of your mobile phone if you don’t need them.