Software // Social
News
2/18/2014
01:58 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

LinkedIn Privacy: 5 Safety Tips

Protect your LinkedIn account by browsing securely, keeping your activity private, and recognizing signs of malicious behavior.

7 Super Certifications For IT Pros
7 Super Certifications For IT Pros
(Click image for larger view and slideshow.)

Earlier this month, LinkedIn killed a controversial feature called "Intro," which embedded LinkedIn profiles into emails received by iPhone users. While LinkedIn defended the feature, it ultimately disabled it after drawing criticism from some security experts who were worried it could open up users to hackers.

While LinkedIn dropped Intro before it could cause problems, it's equally important for users to take control and understand their privacy and security settings in order to make smart decisions about what information to share, which links to click, and what features to opt-in to.

Here's a look at five steps you can take to be safer and smarter in using LinkedIn.

1. Enable two-step verification
To help protect your account against hackers, LinkedIn lets you opt-in to two-step verification. This security method uses both your account password plus a numeric code sent to your mobile device to protect against unauthorized access.

To turn on this feature, navigate to your Privacy & Settings page. You can find this by clicking the drop-down menu below the profile picture in the top-right corner. (You might be asked to submit your login credentials.) Click the Account tab and select "Manage security settings." Then, click "Turn On" under the "Two-step verification" section, enter your mobile phone number and click "Send Code." Once you receive the code, enter it into the box to sign in.

[Get noticed by recruiters and land your next gig. Read 10 Top LinkedIn Tips And Tricks.]

While two-step verification is the most secure measure you can use on your account, it requires a new code each time you sign into LinkedIn from a device the website doesn't recognize. If you choose to disable it, LinkedIn will forget all previously recognized devices and you'll only need your username and password to sign in.

2. Opt into secure browsing
HTTPS is a web browser protocol that lets you peruse websites securely. While certain parts of LinkedIn use a secure connection -- such as your sign-in page, advertising tools, and payment pages -- LinkedIn is working on making this the default setting across its website. In the meantime, you can turn on this feature for all of LinkedIn yourself.

Start by navigating to your Settings page. Click the Account tab, then click "Manage security settings." Check the box that says "A secure connection will be used when you are browsing LinkedIn." and click "Save changes."

LinkedIn recommends that you turn this feature on if you visit it regularly from WiFi hotspots at libraries, cafes, or airports, for example. Note that as it works on making this a default setting, there may be certain parts of its site that include content from third parties that may not support HTTPS. You may see warnings or notifications on these pages. You can turn this feature off at any time.

3. Disable activity broadcasts
Whenever you update your profile, LinkedIn broadcasts this activity to your connections. If you're beginning a new job hunt and don't want your current employer to see your latest activities, LinkedIn lets you mute your activity broadcasts so your changes are kept private.

To turn off your LinkedIn activity broadcasts, go to your Privacy & Settings page. Click "Turn on/off your activity broadcasts." This option is found in the Profile tab at the bottom. Then uncheck the box.

4. Browse LinkedIn anonymously
If you're looking for a new job, know this: Every time you browse a LinkedIn member's profile, that person receives an alert with details about who's looking. How much information the person sees about you -- whether it's a vague description such as "IT manager at Microsoft" or your name -- is up to you.

If you prefer to remain anonymous, change this setting. Navigate to your Privacy & Settings page and click "Select what others see when you've viewed their profile," under the Privacy Controls subhead in the Profile tab.

You can choose to have your name and headline displayed, agree to anonymous profile characteristics such as industry and title, or choose to remain completely anonymous. When you've made your selection, click Save changes.

5. Recognize fraudulent emails
Spam and phishing emails are common, LinkedIn said, which is why it's important to recognize them. Here's what LinkedIn said you should look out for:

  • LinkedIn won't ask for your sensitive personal or financial information via email.
  • All valid LinkedIn messages will contain a security footer.
  • LinkedIn will not ask you to open an email attachment or install a software update.
  • Legitimate messages will not contain bad spelling or grammar.
  • Emails will not contain a threat. For example: "Your account will be deleted unless you act right away."
  • Links in emails will always direct you back to LinkedIn. Hover over a link with your cursor to see where it's going before you click.

The NSA leak showed that one rogue insider can do massive damage. Here are three steps to keep your information safe from internal threats. Also in the Stop Data Leaks issue of Dark Reading: Technology is critical, but corporate culture also plays a central role in stopping a big breach. (Free registration required.)

Kristin Burnham currently serves as InformationWeek.com's Senior Editor, covering social media, social business, IT leadership and IT careers. Prior to joining InformationWeek in July 2013, she served in a number of roles at CIO magazine and CIO.com, most recently as senior ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Laurianne
50%
50%
Laurianne,
User Rank: Author
2/19/2014 | 3:28:11 PM
weird connection requests
I can't be the only one who worries when the volume goes up for connection requests that seem "off" in some way.
David F. Carr
50%
50%
David F. Carr,
User Rank: Author
2/19/2014 | 10:11:04 AM
Re: Hasn't LinkedIn been relatively trouble-free?
For that matter, the info that you willingly publish about your background, career and connections can be used in social engineering tricks. No IT-level hacking required.
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Author
2/19/2014 | 7:58:09 AM
Re: Hasn't LinkedIn been relatively trouble-free?
Totally agree, Kristin. The fact that you don't buy things on LinkedIn makes it less of an economic risk. But there is a lot of personal information -- your resume, work history, recommendations from colleagues -- which could be used by a clever cyber crook to trick people into revealing information through social engineering. 
Kristin Burnham
50%
50%
Kristin Burnham,
User Rank: Author
2/18/2014 | 8:05:59 PM
Re: Hasn't LinkedIn been relatively trouble-free?
You could argue that there's less of a risk with a site like LinkedIn -- you don't likely have personal pictures or sensitive credit card information, for example. But as Marilyn mentioned, no site impermeable. Better safe than sorry.
Thomas Claburn
50%
50%
Thomas Claburn,
User Rank: Author
2/18/2014 | 6:41:38 PM
Re: Hasn't LinkedIn been relatively trouble-free?
I'm surprised LinkedIn doesn't use HTTPS by default. 
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Author
2/18/2014 | 4:54:25 PM
Re: Hasn't LinkedIn been relatively trouble-free?
Not so trouble-free, Dave. LinkedIn was hacked in June 2012 when passwords for nearly 6.5 million user accounts were stolen by Russian cybercriminals. And again last fall along with Facebook, Google, Yahoo, Twitter and 93,000 other websites where hackers stole usernames and passwords for nearly 2 million accounts.
David F. Carr
50%
50%
David F. Carr,
User Rank: Author
2/18/2014 | 4:21:11 PM
Hasn't LinkedIn been relatively trouble-free?
I've never thought of LinkedIn as being as much of a security hazard as Facebook (although I've rarely had problems with FB either).

Aside from the app mentioned in the article as a potential hazard, have there been any significant patterns of problems with LinkedIn privacy? Maybe it's just that I don't try very hard to protect my privacy on LinkedIn - strikes me as a place where you want to be found. Aside from the occasional spam connection request, I have few complaints.
Brian.Dean
50%
50%
Brian.Dean,
User Rank: Ninja
2/18/2014 | 2:59:05 PM
Great tips
In this day and age it is very easy to use LinkedIn, whether to connect with professionals or find discussion groups that focus on a specific topic, etc. All this ease can turn into a headache fairly quickly, if proper security and privacy measures are not employed by users. I just hope more people stop using passwords such as "123456" or any other passwords that's non-secure.
Social is a Business Imperative
Social is a Business Imperative
The use of social media for a host of business purposes is rising. Indeed, social is quickly moving from cutting edge to business basic. Organizations that have so far ignored social - either because they thought it was a passing fad or just didnít have the resources to properly evaluate potential use cases and products - must start giving it serious consideration.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - July 22, 2014
Sophisticated attacks demand real-time risk management and continuous monitoring. Here's how federal agencies are meeting that challenge.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.