Online Social Networks (OSN) – A double edged sword.
Posted on: 9 February 2016
By: wolfeg
No Comments »
Filed under: Uncategorized
The latest Patch Tuesday blog from our Information and IT Security Officer, Graeme Wolfe, looks at Online Social Networks and provides some advice and guidance on how to keep yourself out of trouble when using these resources on line.
Online Social Networks. They can be a great way to keep up with your friends and family, share your thoughts, experiences and to express yourself, but there is the potential to end up on the wrong side of a disciplinary hearing, or even the law of the land.
When using the Westminster brand, the University has a policy with guidelines on the safe and correct use of social networks. For your personal use of social media, here is some guidance I have created to help us all keep safer and out of trouble when using OSNs.
Firstly:
Be thoughtful about how you present yourself in OSNs. The lines between public and private, and personal and professional are blurred in OSNs. If you identify yourself as a University employee or are known to be one, you are now connected to your colleagues, the University in general and even our customers. As an employee, you should ensure that any content associated with you is consistent with University policies.
Some of the risks of using OSN’s:
Publishing personal information on your OSN profile may make you susceptible to identity theft
Posting some information about you can also put your personal safety at risk
Phishing attacks can be started by criminals masquerading as genuine companies on an OSN
Social engineering is made easier if you post a lot of personal details on an OSN
OSNs can be used for bullying and harassment online
OSN account hijacking by criminals who use your profile to target your friends
Malicious code (‘malware’) can be spread via OSNs
Third party applications may have more access to your personal details that you are aware of, or happy with
Ways to stay safe when using OSNs:
Don’t post more personal information than is necessary
Protect your friends’ and colleagues’ information
Check your privacy settings
Who are all these people? Are they really your friends? Choose your friends carefully
Be cautious when using third party applications
Read the terms and conditions of the service provider
Think about any information you post
Consider whether your occupation may make you a target
Avoid becoming the victim of phishing attacks, by checking obfuscated URL’s carefully with preview services
Guard against hijack of your own social networking accounts, take care of your log in details
Ensure the computer used to access these sites has anti-virus software running
Try to access them from an account with user privileges only, not administrator privileges
Use ‘strong’ passwords for all online accounts
Personal and business views
As mentioned above, be aware when you are posting anything about your work or the University itself, and that it is clearly marked whether this is the view and opinion of the University or whether it is your own personal view.
Always remember that participation online results in your comments being permanently available and open to being republished in other media.
Stay within the legal framework and be aware that libel, defamation, copyright and data protection laws apply. This means that you should not disclose information, make commitments or engage in activities on behalf of the University, unless you are authorised to do so.
Graeme Wolfe
Information and IT Security Officer
08/02/2016