Data collection is a widespread business model on the web. Most social networks (Facebook, Instagram, etc.), many free services (different Google services), mobile apps, as well as many devices (smartphones and tables) function according to this principle.
You’re probably already aware that in the “settings” section on your devices or directly on the online platforms of your favourite services, it’s possible to adjust your privacy settings.
What function do they serve?
These settings have two functions. The first is to restrict the data collected about you by the particular platform. The second is to control information sharing with other Internet users. This logic applies to your personal profiles and to the settings of your organization’s public web page or group management.
It is imperative that every good practice in cybersecurity meets your needs and responds to your reality and that of your organization. In this respect, the optimal configuration of your privacy settings follows the same logic. Therefore, chances are that different organizations are going to manage their settings differently.
The key principles
Let’s look at the key principles. To protect yourself well, you first need to understand what each application can obtain in terms of data. By adjusting the privacy settings, it’s possible to specifically limit what information is collected by the platform or select what information is accessible to different publics.
Oh yes! It’s entirely possible to shut the door and say “no thank you, dear app, I’d rather you didn’t collect this type of data!” Many resources are available online for this purpose.
We recommend C.O.A.C.H., a website that will walk you through the process of tidying up your security settings and—because we’re ALWAYS coming back to it—your passphrases step-by-step.
While it’s important to pay particular attention to the settings, it’s also important to carefully choose the page administrators (for Facebook, Instagram, LinkedIn). Remember that the attack surface is directly proportional to the number of individuals who have access to the accounts. This means that the more individual administrators or contributors an account has, the higher the risk of compromise becomes. Let’s not lose our heads though! This doesn’t mean that you need to systematically deny everyone access, but rather that you need to think carefully about the people who should have access and make sure they know your confidentiality rules and security policy.
Privacy settings change regularly. Therefore, you need to review them frequently to ensure that your security preferences are always maintained. It’s a good idea to plan a meeting or make time in your calendar every three months to go over everything and check whether the platform has changed or your needs have evolved.
Recap
- Review and choose the privacy settings on the different platforms you use according to your needs.
- Compile a list or all the networks, applications, or devices where these settings apply (this will save you time later).
- Plan to review the settings regularly (every three months, for example).