Online Social Networks (OSN) – A double edged sword.

Posted on: 9 February 2016
By:
No Comments »
Filed under: Uncategorized

social13

The latest Patch Tuesday blog from our Information and IT Security Officer, Graeme Wolfe, looks at Online Social Networks and provides some advice and guidance on how to keep yourself out of trouble when using these resources on line.

Online Social Networks. They can be a great way to keep up with your friends and family, share your thoughts, experiences and to express yourself, but there is the potential to end up on the wrong side of a disciplinary hearing, or even the law of the land.

When using the Westminster brand, the University has a policy with guidelines on the safe and correct use of social networks. For your personal use of social media, here is some guidance I have created to help us all keep safer and out of trouble when using OSNs.

Firstly:

Be thoughtful about how you present yourself in OSNs. The lines between public and private, and personal and professional are blurred in OSNs. If you identify yourself as a University employee or are known to be one, you are now connected to your colleagues, the University in general and even our customers. As an employee, you should ensure that any content associated with you is consistent with University policies.

Some of the risks of using OSN’s:

Publishing personal information on your OSN profile may make you susceptible to identity theft

Posting some information about you can also put your personal safety at risk

Phishing attacks can be started by criminals masquerading as genuine companies on an OSN

Social engineering is made easier if you post a lot of personal details on an OSN

OSNs can be used for bullying and harassment online

OSN account hijacking by criminals who use your profile to target your friends

Malicious code (‘malware’) can be spread via OSNs

Third party applications may have more access to your personal details that you are aware of, or happy with

Ways to stay safe when using OSNs:

Don’t post more personal information than is necessary

Protect your friends’ and colleagues’ information

Check your privacy settings

Who are all these people? Are they really your friends? Choose your friends carefully

Be cautious when using third party applications

Read the terms and conditions of the service provider

Think about any information you post

Consider whether your occupation may make you a target

Avoid becoming the victim of phishing attacks, by checking obfuscated URL’s carefully with preview services

Guard against hijack of your own social networking accounts, take care of your log in details

Ensure the computer used to access these sites has anti-virus software running

Try to access them from an account with user privileges only, not administrator privileges

Use ‘strong’ passwords for all online accounts

Personal and business views

As mentioned above, be aware when you are posting anything about your work or the University itself, and that it is clearly marked whether this is the view and opinion of the University or whether it is your own personal view.

Always remember that participation online results in your comments being permanently available and open to being republished in other media.

Stay within the legal framework and be aware that libel, defamation, copyright and data protection laws apply. This means that you should not disclose information, make commitments or engage in activities on behalf of the University, unless you are authorised to do so.

Graeme Wolfe

Information and IT Security Officer

08/02/2016