Although more than 80 percent of the respondents to a new survey conducted by the Ponemon Institute expressed concern about the security of social media, more than half of these same individuals admitted they do not take any steps to actively protect themselves.
The survey, sponsored by ProtectMyID.com, also revealed that individuals who have been victims of identity theft are just as likely to be lax in securing their personal information online as those who haven’t. In fact, survey results from identity theft victims and non-victims are virtually identical.
Other key findings:
• Approximately 65 percent of users do not use high privacy or security settings on their social media sites.
• More than 90 percent do not review Websites’ privacy policies before using them.
• Approximately 40 percent share their physical home address on social media.
All of these practices increase users’ vulnerability to identity theft.
The risks involved may not be limited to the individual user. According to a Robert Half survey conducted in October, 2009, 46 percent of corporations permit some use of social networks during the workday. Nineteen percent permit use for business purposes only, but 27 permit at least some personal use.
“The risks of identity theft through social media are not limited to personal damages, as professional and corporate data can also be compromised as a result of such breaches,” said Jennifer Leuer, general manager of survey sponsor ProtectMyID.com. “Oftentimes, through social engineering, an individual’s personal data is used to access secure corporate databases, and this can be the same type of information which is shared regularly across social media pages and profiles.”
The reason users expose themselves to obvious risks seems to lie in an “it won’t happen to me” mentality. Although most survey respondents expressed concern about online security and privacy, nearly 90 percent did not feel that identity theft was a likely risk from using social media sites. In fact, over 40 percent said they would continue to use a site even if they knew it did not adequately protect their privacy or security.
Safe Social Networking at Home and within the Enterprise
According to ProtectMyID.com, users who want to protect themselves and their companies must:
• Avoid passwords that can be easily cracked. These include passwords with common information such as the user’s home town or a pet’s name.
• Always log off when away from their computer – or use a secure screen saver.
• Use antivirus software and keep it updated to foil keystroke loggers and other malware commonly used for identity theft.
• Avoid using wireless networks that are not secure.