HEAT Security Blog

Key Steps to Navigate Around New Facebook Privacy Settings

What’s all the fuss about the latest changes on Facebook? Simply put, the changes mean that nearly everything that you place on your Facebook page can now potentially be made available to anyone surfing the Internet.

The latest Facebook changes are purported to be an enhancement to make the social networking site easier for people who are looking for you using a search engine like Bing or Google to find you on Facebook. For example, if an old friend was searching for you using any of the partial information they had about you such as any of the following; your home address, birthday, gender, phone number, networks, friend list, pages you are a fan of, etc., it would make it much easier for them to find you. Unfortunately, all of this publicly available information would also make the job of stealing your identity for a malicious identity thief all that much easier.

With this new search capability also come a host of new settings that you can use to restrict specifically who can see this information. While Facebook offers a transition capability that walks you through the settings, giving you the option to simply choose to use your old settings, there is no time better then the present to review your privacy settings on Facebook. Below is a step by step guide to help you navigate Facebook’s new privacy settings.

You can start by logging onto Facebook and then select settings:

The changes that may make your personal information publicly available are in the Privacy Settings area and can be found by selecting Manage Selection.

You can control the settings for your profile information, contact information, application and websites, and the new search capability as well as block specific people from interacting with you on Facebook. In a previous blog post I went over the details of the settings for applications and discussed the setting for what information about you can be seen and shared by applications. In this post, we’re focusing on ways to limit or restrict what information in your profile can be made available publicly. Select Profile Information to get to the new settings page.

There is a great deal of granularity available in these new Facebook settings. You really need to give careful consideration to each of them if you are concerned about maintaining your privacy. Each component of your profile now has the following selection options for who can view the information:

  • Everyone – making all of the information available to anyone via a public search engine.
  • Friends of Friends – making the information available to all of those in your friends list as well as all of the people in their friends list.
  • Only Friends – restricting the information specifically only to the people in your friends list.
  • Customize – allowing you to explicitly block individual you choose from seeing the information.

As you review each privacy setting option you will find that the new setting capability does give you a great deal of control over your personal information and how you choose to share that information. A good example is the settings for your Photos. You have the ability to use the settings noted above for each and every photo you have on your Facebook page.

Personally, I like the ability to block specific individuals from viewing specific photos. Perhaps it would be a good idea to block your HR manager and others at work from viewing your Christmas or New Year’s Eve party pictures.

In closing, just like every organization has a different tolerance for risk in network security – individuals also have different tolerance levels with respect to their privacy. This new capability in Facebook of making your personal information publicly available in public search engines will undoubtedly make it easier for a long lost friend to find you using a public search engine and may be of value to some users. However, in the current environment when considering the risk of identity theft minimizing specifically what personal information is exposed publicly is a prudent decision. I’ve also written about how to protect your Facebook privacy settings to avoid malicious attacks which you can view here.