This is a re-publish as I move the highlights over from my website to the new series of blogs.
We all know the basics of OpSec like a broken record…pretty much don’t talk about anything dealing with dates, locations, names, or what people are doing. Most of us are aware enough to watch our Facebook status, but with new Facebook applications and settings a lot of things are starting to slip through without thought. My Facebook account has been active since pretty close to when Facebook started up. If you are like me then it is a great way to keep in touch with so many old friends across the country. So, like me, if you have been a part of Facebook for so long then you may not always think to check the new settings. Facebook has been great with keeping their services “fresh” by constantly adding new things; however, many of the default settings are not ideal for personal security nor military security.
The Air Force, as well as several joint military services bases, have just put out advisories reminding of the potential security breaches by applications. The specific concern that came up is the “Places I check in to” application which has a default of notifying. If you want it not to notify where you are accessing then you need to manually go to your Facebook Account under “Privacy Settings,” and then scroll to the bottom where it says “Applications, Games, and Websites.” In that screen under “Information accessible through your friends” it has the option to un-check the box for “Places I check in to.” The military concern is that adversaries are able to access information of where military members are putting them at risk. On a personal security note…does anyone really want the world to know where they are at that moment? Not only does that put you personally at some sort of risk, which I know that for families of deployed military they brief that sometimes spouses and family members are targets as well, but it also lets people know that you are not at home. Last year there was a big article about someone’s house getting robbed by a Facebook acquaintance because the person posted they were going out. I know that I personally wait until I have returned from a location to let people know where I have been…this is also why on here I may know something fun that will be happening, but I won’t share until I’ve been there myself or I will give only general information so that anyone can attend so that my family has their own security.
Another somewhat recent addition from Facebook is “Instant Personalization” which falls under the same applications page. This feature allows other websites, that have partnered with Facebook, to share information about your visit to their website with your friends. This is a personal call on how much information you really want shared with the people on your Facebook. Instead of harping on this setting, I will instead ask the question of how well do you know the people on your Facebook? Being that I have information about my family on my Facebook, I only accept friends that I know personally…with an exception for a good reason here or there. I also go through periodically to thin out my friends list…were we actually friends in high school or did we just share a class and I do not really know you? Reality, it is a personal decision. Who do you want knowing information about you and how much information? If you do not want partner sites sharing information, then you need to manually un-check that option.
The third area of current concern is the “Public Search.” I know that personally I had switched all of my security settings to friends only because I did not want information getting out about me. I did not know that even after I did that, I had to go to “Public Search” and manually un-check that option as well…okay- let’s be honest- I did not know that option even existed. I received an email style message on my Facebook the other day from someone that I had not seen in years and that person mentioned thanking my soldier for his service. I was a little thrown off at the time because I was curious how my old friend knew that I was married to someone in the military because I try to be careful about what information was public and I had not contacted this friend in over 10 years. The “Public Search” option shows a scaled down version of my profile which included me saying that I was an “Army wife.” I thought that part was only viewable to my friends, especially since I already fixed all of my security settings. It was also viewable who my husband is under the “married to.” Back to the original topic of OpSec, that gives both of our information to everyone and if there were adversaries, then our information links both of us.
This article is not meant to scare, but just a little reminder of Facebook settings both for operational security and your own family’s personal security. Also, don’t get me wrong- not all security breaches are the fault of Facebook applications. I currently know of soldiers that have their overseas base listed as their current location or have their APO mailing address posted on their page. This warning does not just go to military as I see many teenagers giving away a lot of their family information. It boils down to just remembering to use your Facebook wisely as well as reviewing not just your settings but your children’s settings as well. I would hate to see someone’s hard earned Christmas walk out the door because they posted that they checked in at the local mall while visiting Santa or posted that they planned to attend a holiday party.
No comments:
Post a Comment