Archive for January, 2009

Facebook Protection – Part 2

January 20th, 2009 No comments

This adds onto the basic level of security that PART 1 covers from this series. Entering into Facebook for the first time has a certain level of intimidation to it. Shortly after you setup a profile in Facebook, you are inundated with requests from friends and people you vaguely remember, asking you to open up your personal information to them, all in the sake of keeping connections with people.

While it is the lack of animosity that makes Facebook successful over open platforms like MySpace, there is a certain amount of information we do not really want to disclose with everybody. We still want to share our vacation pictures with all of our friends and family, but perhaps not the classmate you had in preschool, whom you really don’t know any more.

This is a general template of steps you can take to protect your information from everybody, while continuing to share your life with the people that matter most.

Step One – Setup some Friends Lists.Step 1 - Create a Friends List Before you create a list for your bowling league or all of your classmates, understand that we want our lists to profile the person itself, not how you associate with them. You may have somebody at work that you do want to share with, while others you do not. To start, setup a list of friends which we will call “Limited Profile”, for the sake of this example.

At the time that I wrote this, there is an unfortunate clause that you won’t be able to make a friends list until you have 10 friends.

Step Two – Define the permissions
There is a high level of granularity available on what you can make open or restrict people from accessing, on your profile. Now that you have at least one friends list setup, you can use the Privacy Settings in your account to define how people in this group will see your information.
Once you are under Privacy Settings, you can configure individual settings for your Profile Page, who can find you in a Search, your New Feed, and what applications can access. We want to focus on the Profile section, and controlling what people can or cannot see about us.

There is a lot of options on this page, and two really powerful features that I love. Number one is that very first setting, which defines who can see your profile at all. If you change this setting to only viewable by your friends, you do not have to individually go down each other setting to keep any non-friends from seeing your profile.

The second feature on this page was the ability to type in a friends name at the top of the page, and it will show you an example of what your profile will look like, when that friend visits the page.

Step Three – Sorting
When you add a new friend to Facebook, you have the option to add them to a friends list when you accept their invitation. Make that part of your routine, after you setup a couple of layers or levels of visibility for people. Also become aware of content that you add. When you add a new photo gallery for instance, take a few seconds and apply the permissions.

If done correctly, you will end up with a very flexible, yet powerful system to protect your information.

Addendum – College Mode
If you are in college or school, and think this permissions thing is something to consider later, consider this. Your parents will be on Facebook soon. The college you go to, is already on Facebook and is watching the pictures you uploaded last night. The perspective employer whom you are trying to get your foot in the door with, is doing a search on Facebook to see what is out there for them to find. You can’t control who posts up pictures of you, but you can minimize visibility of who can find them.
Create a low visibility friends list, for your professors. When you see the invite to add them in, add them to the list, which will exclude items like “tagged photos of me”, or even status update.

Categories: IT Perspectives Tags:

Facebook Protection – Part 1

January 12th, 2009 No comments

Facebook may have been around for a few years, but it is only gaining momentum now in the population. Last week I held a training course, covering tips on how to secure your Facebook information. Through a show of hands, a clear majority of the group had only signed up for Facebook within the past 6 months. I don’t need a set of analytics to tell me that Facebook’s growth rate is increasing with exposure. When Facebook reaches the masses in a non-technical manufacturing industry, it is reaching the masses of Middle America.
Facebook Growth Rate

Yearbook CollectionI have only been on Facebook for a little over a year, yet this recent surge in growth is redefining Facebook itself, and how we use it. We are being pulled out of the private groups or elite networks of friends, into a trampling mob of acquaintances that you met along the way. It reminds me of every “coming of age” movie when having the ultimate house party when your parents are away sounds like the best plan ever. Then you find out that everybody is all of a sudden your friend, and when the doorbell rings, you better be ready with an answer to let people in or not.

Last week I had to pull out my old yearbooks, just so I could have a reference manual for some of the friend requests coming in. While I appreciate that I left a lasting impression on so many people over the years, I really didn’t intend to share with them some of my closer moments in life.

The good thing is, Facebook is not your parent’s house. They have lined up some powerful tools to help you sort people into specific room, or perhaps even let them sit outside the window if they really aren’t the friends you thought they were.

Basic Security
There are some basic security settings I typically preach to everybody, and are important to review first. Facebook itself is a method for people to connect to you. If they need your address they can ask. Otherwise, keep the extra information off your profile.

  • Remove the year from your birthday.
  • Use your town and state, but do not put your street address.
  • Turn off Beacon (Settings – Privacy Settings – Applications – Settings)
  • Turn off Facebook Connect ( Settings – Privacy Settings – Applications – Settings)
  • Do not make your Profile Public ( Settings – Privacy Settings – Profile – Basic – Settings)
  • fb_profile_onlyfriends1

    Use a real profile picture.
    This is hard for a lot of people who don’t like pictures of themselves. You will help weed out those people asking us to join their network or group, as they can identify who you are. Adding a picture of your dog or kid doesn’t help if the person hasn’t seen you in 20 years. On my first search, I came up with 425 Stephen Burke accounts in Facebook.

    Now that we have some basics in place to protect us a little, we will talk about sorting and filtering what people can see in part 2.

    Categories: IT Perspectives Tags:

    vendors embrace marketing curves not technology innovation

    January 5th, 2009 1 comment

    As a company we have a heavy reliance on vendor support. Take a small IT staff and outsourcing to smaller vendors becomes invaluable to keep things running with few hands.
    The vendors however are not always on the curve of technology, or even looking ahead in technology. In many cases they have been caught behind the marketing schedule of technology. Some vendors seem reluctant to implement the new technology until it becomes an industry standard. By that time however, there is a new technology coming out and your decisions have more options available.

    We found this out more than anything when we approached our virtualization implementation this past year. First of all, I had an instant love of virtualization. You will find very few people out there who don’t sit back and appreciate how it is changing the operations of everything, once they grasp the concept. Once you appreciate that how flexible it makes your ability to approach backups, disaster recovery, or even patch mitigation, it is almost enough to bring a tear to your eye.

    We started virtualizing things servers just for the sake of doing it, almost because the act itself became easy and entertaining. There is this great episode of Malcom in the Middle, where Hal, the father, rents a chipper to take care of a fallen tree. Dewey (the youngest), throws a toy in the chipper on purpose. There is that uncomfortable pause by the father in anticipation of reprimand, but something changes on Hal’s face. The next few minutes are of the boys and dad running around finding everything they could, just to throw it in the chipper, out of excitement of their new found toy. At least with virtualization there is no risk if it doesn’t make it through the chipper, but the entertainment factor was still there. The excitement is over at the end where they throw a bag of confetti in the machine.

    Our vendors however, were not so quick to throw their items in the chipper. When we approached the new Exchange 2007 server, there was no doubt we wanted to virtualize it, as it has made our operations so much easier. The vendor had a different plan, and coming from a proud group of Microsoft Certifications, they fell back to the Microsoft documentation to back their case. If you read the documentation, it is pretty clear that if you get to a point where Microsoft can’t troubleshoot a problem, they may be to require you to take your server out of a virtualized environment. To us, that was an acceptable risk, knowing the last time we really called Microsoft for support was years ago. For our vendor it was a sin beyond sins. They would not be part of such blasphemy and vagrant disregard for our own technological safety.

    The story does have a virtualized ending, and we have been running Exchange 2007 just fine in VMWare, but there is a strong lesson to be had, when approaching vendors. Having a vendor certified in all of the technology is important, but not valuable to make your decisions. Getting stuck with a vendor that has one core partnership, may have a vested interest in only supporting that one focal point, as it is all they know. Recognize that their suggestions, recommendations, and policies are coming from one viewpoint, and use it as applied knowledge among the vast array of solutions out there. Also recognize that Microsoft was busy developing their own virtualization system, and had a stronger interest in not supporting everybody else’s.

    Categories: IT Perspectives Tags: