Facebook Security Settings Guidance

FACEBOOK SECURITY SETTINGS GUIDANCE

1. Introduction. Whilst it is accepted that Social Networking is part of the way in which we live, it would appear that personnel are generally unaware of the vulnerabilities, associated with openly providing a vast amount of personal information on the internet. During Defence Internet Monitoring activity, it has been identified that a number of Facebook users, have not controlled access to their information, from general viewing on the internet. This vulnerability may lead to a number of outcomes, identity theft or compromising personal or family & friends’ information. Defence are currently reviewing the ‘Online Engagement’ and ‘Interaction with Social Media’ guidelines and will be providing updated guidance on these areas in the near future.

2. Aim. The aim of this document is to give guidance to military users, who wish to know how to apply privacy settings to their Facebook profile.

3. Concerns. Social network sites already provide a belligerent with an extensive open source intelligence gathering tool. An open profile additionally provides a significant amount of personal information, which may be exploited for financial or targeting purposes.

4. Summary. Any users of Facebook therefore, should be made aware of the increased risk of maintaining an open profile on a social networking site. It is therefore requested that this document is distributed as widely as possible, on the proviso that it is advising and not instructing personnel to review their privacy settings.

A. Minimum Recommended Security Settings. B. Enhanced Recommended Security Settings. C. Places I Checked Into.

A-1 MINIMUM RECOMMENDED SECURITY SETTINGS

Description. Following the steps detailed within this document will ensure the minimum recommended level of security for a user personal profile are applied, whilst still enabling the functionally for other users to search for you and add you as a friend.

Step 1. Log into Facebook.

Step 2. Click on the account drop down menu, as at Step 2.1 and select the privacy settings option shown at Step 2.2 below in Figure 1. Step 2.1

Step 2.2

Figure 1

Step 3. Select the view settings option shown at top of the page under Connecting on Facebook, as at Figure 2 below.

Figure 2 Step 3

A-1 Step 5

Step 4

Figure 3

Step 4. Click on the drop down arrow next to each heading and select the options as detailed in Figure 3. To set the “Only Me” options, click Custom, as at Step 4.1, in the “These people” drop down menu, only me, as at Step 4.2, then save setting as per Step 4.3 below:

Step 4.2

Step 4.3

Step 4.1

Figure 4

A-2 Step 5. On completion of Step 4, click on the “Back to Privacy” tab in top left corner of the screen see Figure 3.

Step 6. Select the customise settings option, under the “Sharing on Facebook” heading, as per Figure 5 below:

Step 6

Figure 5

Step 7. Click on the drop down arrow next to each of the options and change the settings as shown in Figure 6.

A-3 Step 14

Step 7

Step 8

Step 9.1

Figure 6

Step 8. Remove the tick from ‘Include me in “People Here Now” option’. This stops the user’s location from being associated to other users on Facebook, see Figure 6 for details.

A-4 Step 9. For “Friends can check me into places”, click the edit settings option, as per Step 9.1, as at Figure 6 above. Select the drop down menu on the right of the pop up screen and select disabled, as per Step 9.2 of Figure 7 below. Finally click the OK/okay button in the bottom right of the pop up as at Step 9.3.

Step 9.2

Step 9.3

Figure 7

Step 10. Once complete click the “back to privacy” tab to go back to the previous screen. The final step is to control what can be shared via applications and websites. Click on “Edit your Settings” option found under “Applications and Websites” sub heading, at the bottom of the screen, as at Figure 8.

A-5 Figure 8 Step 11. On the “game and application activity” sub heading, select ‘Only Me’, via the drop down menu. As shown at Figure 9 below:

Step 11

Step 12.1

Step 13.1

Figure 9

Step 12. Next edit the settings for the “Info accessible through your friends”, by clicking on the edit settings button, as indicated in Figure 9 Step 12.1 above. Uncheck all tick boxes and click the “save changes” button as per Step 12.2 at Figure 10 below.

A-6 Step 12.2

Figure 10

A-7 Step 13. Remove the option for the account to be searchable outside of Facebook. Click the edit settings option next to “public search” as indicated by Step 13.1 at Figure 9, and then make sure the enable public search tick box is unchecked as per Step 13.2 below. Click “back to applications” button, in the top right of screen, as per Step 13.3 as at Figure 11.

Step 13.3

Step 13.2

Figure 11

Step 14. In order to review the profile to confirm that all of the changes have been made, click ‘Preview my Profile’ as at Figure 6 above. The profile should look identical to Figure 12 below in content viewable.

Figure 12

Step 15. It is advised that users review all of their friends and ensure that they know who each friend is.

A-8 ENHANCED RECOMMENDED SECURITY SETTINGS

Description. Following the steps within this annex, will make a profile un-searchable by people, with the exception of those whom have been added to the user’s friends list. It is advised that users review all friends and ensure that each friend is varied as a friend to the user. Failure to do so, a majority of the security settings will be negated.

Step 1. Log into Facebook.

Step 2. Click on the account drop down menu, as at Step 2.1 and select the privacy settings option shown at Step 2.2 below in Figure 1. Step 2.1

Step 2.2

Figure 1

Step 3. Select the view settings option shown at top of the page under the Basic Directory Information heading, as at Figure 2 below.

Figure 2 Step 3

B-1 Step 5

Step 4

Figure 3

Step 4. Click on the drop down arrow next to each heading and select the options as detailed in Figure 3. To set the “Only Me” options, click ‘Custom’, as at Step 4.1, in the “These people” drop down menu, ‘only me’, as at Step 4.2, then save setting as per Step 4.3 below:

B-2 Step 4.2

Step 4.3

Step 4.1

Figure 4

Step 5. On completion of Step 4, click on the “Back to Privacy” tab in top left corner of the screen see Figure 3.

Step 6. Select the ‘customise settings’ option, under the “Sharing on Facebook” heading, as per Figure 5 below:

Step 6

Figure 5

Step 7. Click on the drop down arrow next to each of the options and change the settings as shown in Figure 6.

B-3 Step 14

Step 7

Step 8

Step 9.1

Figure 6

Step 8. Remove the tick from ‘Include me in “People Here Now” option’. This stops the user’s location from being associated to other users on Facebook, see Figure 6 for details.

B-4 Step 9. For “Friends can check me into places”, click the edit settings option, as per Step 9.1, as at Figure 6 above. Select the drop down menu on the right of the pop up screen and select ‘disabled’, as per Step 9.2 of Figure 7 below. Finally click the ‘OK/okay’ button in the bottom right of the pop up as at Step 9.3.

Step 9.2

Step 9.3

Figure 7

Step 10. Once complete click the “back to privacy” tab to go back to the previous screen. The final step is to control what can be shared via applications and websites. Click on ‘Edit your Settings’ option found under ‘Applications and Websites’ sub heading, at the bottom of the screen, as at Figure 8.

B-5 Step 10

Figure 8 Step 11. On the ‘game and application activity’ sub heading, select ‘Only Me’, via the drop down menu. As shown at Figure 9 below:

Step 11

Step 12.1

Step 13.1

Figure 9

Step 12. Next edit the settings for the “Info accessible through your friends”, by clicking on the ‘edit settings’ button, as indicated by Step 12.1 at Figure 9 above. Uncheck all tick boxes and click the ‘save changes’ button as per Step 12.2 at Figure 10 below.

A-6 Step 12.2

Figure 10

A-7 Step 13. Remove the option for the account to be searchable outside of Facebook. Click the edit settings option next to ‘public search’ as indicated by Step 13.1 at Figure 9, and then make sure the enable public search tick box is unchecked as per Step 13.2 below. Click ‘back to applications’ button, in the top right of screen, as per Step 13.3 as at Figure 11.

Step 13.3

Step 13.2

Figure 11

Step 14. In order to review the profile to confirm that all of the changes have been made, click ‘Preview my Profile’ as at Figure 6 above. With the exception of the profile picture, the profile should look identical to Figure 12 below.

Figure 12

A-8 FACEBOOK PLACES

1. A new software application has been introduced in to Facebook called Facebook Places. This service will post your current location if you “check in” using a mobile phone application or the Facebook ‘Touch’ website. Dependant on the privacy settings of an account, this can make the location available to both the users friends, and other users who are checked into the same venue. Your friends can also check you in to venues should they so chose by default. The following steps enable this function to be disabled:

Step 1. Click Account then Privacy Setting. On the first page that appears click Customise settings.

Step 2. Under Things I share Heading, disable “Include me in "People Here Now" after I check in” box by un-ticking the box. If you wish to ensure you don’t share anything from Facebook Places, then change the “Places I check in to” tab to only me by clicking on the drop down menu on the right, choosing Custom, then Only Me, then Save Settings, as at Figure 1 below:

Step 2

Figure 1

Step 3. To stop other users from posting your location on Facebook, under the “Things others share” section click the Edit Settings tab to the right of “Friends can check me in to Places”. Click the drop down menu, and choose “disabled” as per Figure 2 below:

C-1 Step 3

Figure 2

Step 4. Then un tick the boxes as indicated below, once completed click on Save Changes, then Okay on the confirmation screen, as per Figure 3 below:

Figure 3