Summer is here. Whether you are staying at home or heading abroad this year, it is sensible to take a moment to consider how your actions on holiday could make you vulnerable to cyber criminals or other issues.
Most people enjoy going on holiday. It is your opportunity to unplug, disconnect, kick back and relax. What contributes to the fun is sharing those wonderful memories with family, friends and loved ones via social media.
Social media is a great way to connect and share with people, but it is also important to realise that unless it is used sensibly and cautiously your friends and family may not be the only ones that are viewing your posts.
“The internet rarely forgets!”
You would hope that for whatever social media platform you choose to use that the privacy settings are turned on by default. Unfortunately, they rarely are, and this can mean that anything you post, be it thought, photo, video or location could be seen by anybody with an account for the platform.
Cyber criminals actively use social media for opportunity and intelligence gathering. Whether this is to find individuals to target, or to bolster information to enable them to successfully socially-engineer an individual. If your privacy settings are not set, they could be able to see the information you are posting. Information by itself is just a piece of information, but information combined with other information becomes intelligence and can be used to develop a strategy to target someone. People post all kinds of information on social media: email addresses, mobile numbers, addresses and more, but it is not always about what is written, it is also the information that pictures, and videos can present – jewellery, expensive cars, or other luxury assets. The fact that you are away from your home and that it could be unoccupied. More sinisterly, what information are you exposing about your children or other family members?
Cyber criminality and social engineering aside, another aspect to consider is that businesses are increasingly conducting online background checks on their staff to mitigate possible security and reputational risk. Recruitment is an expensive and highly competitive process and businesses want to make sure they are making shrewd investments in the people they hire and that they will represent the company in the manner expected. An il-considered comment on a post, or inappropriate picture or video available for all to see could sway an employment decision.
Private lives should be private, but they are only private if privacy settings are turned on and the information is available freely on the internet.
So, what should you do to protect your social media?
• Turn on privacy settings for all your social media accounts. The information on how to do it is available. Google: “How to turn on privacy settings for {insert social media platform}.”
• Think very carefully what you post? Who might see it? Would you be happy for it to be seen? How would you feel about your employer or a later potential employer seeing your posts? If in doubt, do not post.
• Conduct a social media audit. What have you previously posted and forgotten about? Are you happy for it to still be accessible? If you find posts that could be construed as inappropriate perhaps consider removing it. Alternatively, you may choose to delete an account and start a new one from scratch to ensure you have control of your social profile.
• Set boundaries with friends and family over what they post regarding you. Be prepared to ask people to remove a post where required?
• Avoid tagging your location in real time. If you have tagged yourself, then to someone who may be watching it means you are not at home and your home may be unoccupied, or you are in a particular place wearing that expensive jewellery or watch…
• Use strong passwords. This is sensible cyber resilience practices, but you would not want someone to gain unauthorised access to your account and change the privacy settings, or post inappropriately, or use the information in the account for social engineering purposes. Do NOT used the password across multiple accounts. If one site is breached and your credentials are exposed, that exposure risk amplifies exponentially if you use that password across multiple other accounts.
• Turn on Multi-Factor / 2 Factor Authentication to prevent cyber criminal. This will enable you to know whether someone is trying to access your account and take appropriate action.
Safe social media use is now a life skill and one that everyone should take some time to learn. As the old adage goes, prevention is always better than cure. Act now, rather than experiencing regret later.
Michael Wills is co-founder and chief data officer for CSS Platinum. For further information on the company and the services it provides to Gibraltar businesses and the international yachting industry, please visit https://cssplatinum.com and/or email support@cssplatinum.com.
