Protecting social media and messaging apps

Protecting social media and messaging apps

| CSGN-2303

Social media and messaging services can put people’s security and privacy at danger, both personally and professionally. This advice highlight some of those threats and suggestions for both personal and professional use to help strengthen the security of social media accounts and messaging apps.

There are risks with using social media and messaging services.

Misuse of personal information

There is a possibility to abuse personally identifiable information published on either social media or chat apps. Even posts, conversations, images, or videos that we may think innocent, could be utilized to create thorough profiles of people. This data may be used in extortion or social engineering campaigns to get sensitive information or persuade people to discredit the operations or security of organizations. Social media content may also contain misinformation and may come from unreliable or fabricated sources.

Data gathering

As part of their business models, social media and messaging services like Facebook, Instagram, Messenger, Viber, Snapchat, Telegram, TikTok, Twitter, WeChat, WhatsApp, YouTube, and others gather a lot of data. In addition to the content of messages, videos, and voice recordings, these apps may also gather other information from users’ devices. Over time and with updates of these apps the type of data that is being gathered may also change. It’s also possible for the terms of use and privacy rules governing the kind of data that are gathered, as well as how and when they can be used, to change abruptly or be challenging to comprehend. This information may occasionally be kept on remote servers that are not located on the country the app is and be exposed to unauthorized access.

Identity theft, fraud, harm to reputation, and humiliation.

Due to their widespread use, social media and messaging services are also used to learn about the operations and systems of both organizations and people. Even social networking platforms and messaging services geared toward kids and teenagers run the risk of collecting sensitive or private information. There is a risk of reputational harm or shame when private or sensitive information is shared via messaging applications or posted on social media. Even information that seems harmless when seen alone could privacy when combined with other information.

Advice for use in business

choosing which social media and messaging app companies to utilize, businesses should consider vendor transparency and their dedication to the security of their goods and services.

 the following policies should be followed by businesses that use social media accounts :

  • Make sure that only authorized individuals may access business social media accounts, and that access (whether direct or delegated) is immediately terminated when access is no longer necessary or when the staff leaves.
  • Make sure that there is a social media usage policy of the organization and all the staff are aware of  what may and cannot be shared on business social media accounts.
  •  
  • Make sure staffs are trained  on how to use company social media accounts.
  • Make sure people are aware of how to react when sensitive or incorrect information is posted on social media.
  • Make sure users are informed of how to restore control of accounts on corporate social media that have been compromised.

Suggestions for private use

Common sense and a healthy dose of skepticism should guide how social media is used for personal purposes. For instance, there have been several instances where “fake news” which consist of false information has been disseminated over social media. In other instances, factual material has been circulated by a huge number of automated accounts or “bots”to garner more attention or affect reader opinion.

When using personal social media accounts, the following precautions should be taken:

  • Use an alias while making social media profiles rather than revealing full names.
  • Instead of using a company email address, use a personal one. Use a different personal email address for social media.
  • Make sure private choices are recognized and used. When appropriate, use a private profile.
  • Limit the amount of private information you post on social media, including your home and workplace, phone numbers, Bank details or any other sensitive data.
  • Watch what others publish about you, within reason, to avoid personal information being shared.
  • If you are concerned about your movement or location, Be mindful of social media and messaging apps that automatically post sensitive information.
  • Before sharing any photos on social media or through messaging applications, remove location information from them.
  • It can be quite challenging to erase or retrieve material that has already been posted or received on social media or through messaging applications, so be careful what you post or send.
  • Be cautious when opening shared links or attachments, including those sent over messaging and social networking apps.
  • Be mindful of contact you didn’t ask for. Refrain from granting requests from strangers.

Keeping social media accounts secure

The following guidelines ought to be followed when using both business and private social media accounts:

  • Use multi-factor authentication whenever possible. Otherwise, make sure each social media account has a different passphrase.
  • Social media account passwords should not be exchanged or emailed.
  • Passwords for social media accounts should not be chosen to be remembered unless they are saved in a password vault.
  • Avoid answering questions that could be easily found in publicly accessible sources of information if you are requested to create security questions to regain social media accounts.
  • Use of social media accounts from untrusted devices, such as those found in hotels or internet cafés, is prohibited.
  • Do not set up social media accounts such that they sign in automatically on shared devices.
  • Whenever using social media on a shared device, always remember to log out and use incognito mode wherever possible on such devices.
  • Any devices that have access to social media accounts should have lock screens and a passphrase.
  • Keep in mind to delete or disable any old social media accounts you no longer need.

Keeping mobile apps secure

For use while on the go, most social networking companies offer a mobile app. Before installing these mobile apps, users should be aware of the additional security and privacy risks they may pose. The following precautions should be taken when using mobile apps:

  • To manage specific mobile app permissions, make sure devices are running the most recent version of the operating system.
  • Install mobile applications only from reputable retailers, such as the Apple App Store or Google Play Store.
  • Be mindful of mobile applications that need too many permissions for the services they offer.
  • Make sure you regularly check for and update mobile apps.
  • After updates, double-check the security and permissions settings of your mobile apps because they may have changed.