Securing your online social identity

So, what was the first thing that went through your mind reports surfaced that Facebook CEO Mark Zuckerberg's own profile page on the social network had been hacked?That the Internet can never be 100 percent secure should, by now, be a foregone conclusion.
Written by ZDNet Staff, Contributor

So, what was the first thing that went through your mind reports surfaced that Facebook CEO Mark Zuckerberg's own profile page on the social network had been hacked?

That the Internet can never be 100 percent secure should, by now, be a foregone conclusion. In fact, I believe that any form of risk management should not be focused on prevention but on mitigation. However, that's easier to manage if you own the data you're trying to protect and oversee the policies that govern how the data should be handled.

With online social platforms, your personal information is managed by the social networking site. Here, how your data is managed depends largely on the site's privacy policies and governance.

Facebook, for one, has made frequent changes to the way it handles user data. This is something I feel strongly about and have discussed in my previous blog post.

There's no doubt that Zuckerberg's team has constantly tried to introduce new innovative ways to improve the site and enhance their users' online social experience. However, that sometimes means user data can be used in a way it wasn't intended to be used when the user first agreed to provide the data.

The most effective way to protect your privacy on Facebook, or any other Web site for that matter, is to assume responsibility for it.

I invited today's guest blogger, PeekYou CEO Michael Hussey, to highlight how we can better safeguard our online social identities. He founded the company in 2006 to provide a "people" search engine, providing search results that identify users and summarize their online footprint. The engine searches and indexes people the same Google does with Web sites.

Michael believes that everyone should understand and maintain their online identity in the same way, and with the same care, they manage their offline identity. He talks about that here and stresses the importance of taking due diligence to protect our own identity.


You might be asking, when even Mark Zuckerberg has his Facebook profile hacked, is anyone safe?

I personally suspect that human error was behind that hack--that someone must have seen him log into one of his accounts, furtively gleaned his password, and whispered it to others. Facebook's general security protections were probably not to blame.

Even so, the incident would prompt many Facebook users to fear for their privacy on their favorite Web site.

But, there are many things you can do yourself to protect your privacy on Facebook. For one, set your Facebook privacy settings to suit your desired degree of discretion. If you do so, you are right to expect that the data you share on Facebook should remain private and only viewable by people you have allowed access to. In this regard, Facebook has done a very good job in creating flexible privacy controls that suit most users.

However, be cautious when using Facebook Connect with third-party Web sites. Understand that your Facebook data is being passed to the owners of these sites whenever you use Facebook Connect to log in.

Facebook Connect is a useful tool that makes it much easier to join and participate in trusted third-party sites outside of Facebook, but its use should be limited to sites you trust and which make it clear what they do with the personal information they collect about you. This is a general rule of thumb: you should never join a site that doesn't have a clear privacy policy or terms of service.

Because of tools like Facebook Connect, it is now simpler, faster, and more common to join new Websites, so just be careful. You wouldn't invite someone in your home without first getting to know them…and you shouldn't join any Web site without first learning a bit about who they are and what they do.

Also, beware that unless you choose the very strictest privacy settings, some generic information about you will still be visible to everyone. Facebook calls it "Everyone Information"--and search engines like Google and PeekYou use it to identify people who have a Facebook profile. If you don't want to be indexed by search engines, but still want your friends, family and colleagues to be able to find you, make sure you choose appropriate privacy settings.

And, as a matter of course, try to keep different passwords for each different Web site you log into. Keeping track of them all is getting harder and harder as the number of Web sites to create accounts for grows and grows. So if having a different password for each site is impractical, then at the very least, keep a different set of passwords to protect truly important information such as your online banking, other financial information, and so on.

And especially, if you are using Facebook Connect across lots of sites, make sure you change your Facebook password frequently and make sure it is secure.

Also, never forget that the Internet is full of publicly available information.

Editorial standards