Trend Micro recently asked a simple question on Twitter, “Are you worried about the safety of your data when using social media?”
More than 33,000 responses later and the answer is a toss up. The discussions in response to our tweet didn’t provide a clear answer either. This is despite months of high profile Facebook scandals and years of massive data breach headlines.
So what’s going on?
Posing a poll question is tricky. The question needs to be approachable enough to generate a lot of answers. It also needs to be a simple multiple choice, with only a few words per answer.
This will almost always result in a straightforward poll.
Not so this time. The answers are almost evenly divided across the three possible responses. Digging deeper, one of the challenges is how respondents chose to define the “safety” of their data.
As a security professional, I use one definition, but in my experience most people have their own idea when it comes to the “safety” of their data.
For some, it’s being in control of who can access that data. For others, safety is whether or not the data will be available when they want to access it. Others still think about whether or not they can get their data back out of the network once it has been shared.
The formal name for these concepts in information security is the CIA triad—I know, I know, I didn’t name it—confidentiality, integrity, and availability.
Whether you know it or not, for any definition of “safe,” you need all these of these attributes. Let’s look at each in turn.
If everything you posted on Facebook was public, how often would you share?
Confidentiality is the most important attribute for the safety of your data on social networks. Not having control of who can access your data makes social networks significantly less valuable.
How you control the confidentiality of your data depends on the network.
On Facebook, you can change each post to be visible by only you, your friends, or the public. Other finer grain options for each post exist as well if you know how to find them. Similarly “Groups” allow you to share with a different audience.
On LinkedIn, you get similar options as Facebook. Twitter is much simpler. Your tweets are either public, protected (you approved who can see them), or you send a 1:1 direct message.
Each of these systems help you control who can see your data. They allow you to control the confidentiality of your data.
The more control you have and know how to use, the safer you will feel about your data.
Integrity is less of an issue with the major social networks. It’s understandable that once you’ve posted something, you expect the same information to be shown when appropriate.
But integrity issues do pop up in unexpected ways.
When your data changes without your permission or awareness, it could lead to unintended consequences.
Availability comes into play in two primary ways. It’s rare for social networks to have downtime or errors. This means that your data is almost always available when you want to view or share it.
The larger question of whether you can get your data back in its original format is much trickier. It’s a rare case that the social networks will let you export your complete information. It usually runs counter to their business model.
However, some networks do offer the ability to export said data from your account. This helps increase its availability to you.
Where Should You Focus?
The poll lacks context, which is the most likely reason why we saw the answers split almost evenly among the three choices.
While the availability and integrity of your data is important, in the context of your social media usage confidentialityshould be top of mind.
Most social networks provide a set of privacy controls that allow you to control who on the network can see your data.
Due to the nature of social media, these controls can change regularly. You should make a habit of checking the available options every so often to ensure that your data is safe.
Care About How You Share
Social media can be a fantastic way to engage with various communities, stay in touch with family & friends, and to expand your perspective. Unfortunately, there are down sides as well.
We’ve posted before about fake news, the privacy impact of networks selling data, and other issues related to social media usage.
Despite these challenges, there is still more upsides than down. The key to being a responsible social media user is to understand the control you have over your data.
Regardless of how you define “safe,” it’s important to be aware of the network you’re sharing on, how to use the control settings on that network, and have a clear understanding of what information you’re comfortable sharing.
What social media networks do you use most often? Do you feel you understand their privacy settings? Let us know down below or on social media (we’re @TrendMicro on most networks).