The Latest in IT Security

LinkedIn Privacy

23
Jun
2011

Introduction

LinkedIn is a social network platform whose specialty is connecting professionals together to build relationships and create business opportunity. Recently the company became publicly traded and grabbed the attention of the world as its initial public stock offering more than doubled on the first day. Here we focus tools and options for user privacy on this professional social network. Previously I have written a similar blog about Facebook Privacy one may read here. It is worth noting that LinkedIn is working on new privacy and security features, so keep yourself informed. Akin to my Facebook Privacy blog, I set about showing a framework guide on what is available for LinkedIn Privacy and what one possible set of options looks like.

For a sample of what a profile looks like when browsing LinkedIn anonymously, view mine at http://www.linkedin.com/in/laudanski.

Your own mileage for options may vary because this network is indeed built to foster professional networking and opportunity. You may want to have enhanced advertising enabled. Whereas for Facebook you may want to lock down settings, here, you may choose otherwise. And there are many selections to choose from, and not all are in the same location. For instance, there are settings for Groups and each particular group you are part of.

Assumptions

For purpose of this blog, the following are assumed unless stated otherwise:

  • Desktop based web browsing,
  • A person already has a LinkedIn user account.

Social Networking/Cybersafety Survey

We recently conducted a survey via Harris Interactive to track concerns about privacy and security with respect to social networking sites. 87% of those who responded rate Security and Privacy as their highest concerns as shown below:

Figure 1: Security and Privacy Highest Consumer Concerns for Social Networking

And respondents also indicate that updating their privacy settings are done at very low frequencies if at all.

Figure 2: Privacy Setting Update Frequency

Settings and options are constantly evolving on sites like LinkedIn and Facebook, so it is important to check your own selections more often. Thus the purpose of this article, to spread awareness of where all the various options exist at LinkedIn and what those selections might offer. The most important thing to note is the status updates shown below and accessible on the homepage:

Figure 3: Status Updates

If a person enters something here (and perhaps through Twitter or a blogging platform), the information is accessible (defined by your privacy controls). Personally, I do not post my travel; however some folks do. There are external sites that track this kind of status update and raise awareness of these dangers. So be mindful of what you share.

For instance, I shared this blog and Claudio, another ESET employee shared it on his network:

Figure 4:Sharing Status Updates

Viewing my Profile one can see (based on my privacy settings) my status update:

Figure 5: Viewing a Profile

Logging In

Let us begin by stepping through a typical log in process. In order to maintain completeness, we start from zero. Here we see the usual home page for a person when they are not logged into the service.

Figure 6: LinkedIn Home Page – Not Logged In

Next, we observe what the login procedure:

Figure 7: Logging into LinkedIn

Observe that the connection during login is ‘https’ which translates into ‘secure browsing’. During our how-to, this is the one of the times https is enabled transparently by the provider. Another instance is during the Account Settings page.

Once successfully signed on, we step into the familiar LinkedIn user screen home page, a slice served below:

Figure 8: Typical LinkedIn user home screen slice

Account Settings

Now that we are firmly foot in the door at LinkedIn we want to hop over to account Settings located in the upper right hand portion of the page:

Figure 9: LinkedIn account Settings

We are taken to the following screen:

Figure 10: Account Settings Main Screen

Here we visit “Change” Primary Email, bringing up the following screen of options where email addresses may be removed or promoted to “Primary” from “Secondary”:

Figure 11: Add and change email addresses

Next we visit the Change Password option (to read more about password strength and techniques visit my blog on No Chocolates for my password please!):

Figure 12: Change Password

Profile

For the next set of options, I will be displaying what the screens look like so the reader may be aware of these settings.

Figure 13: Turn on/off your activity broadcasts

Figure 14: Select who can see your activity feed

Figure 15: Select what others see when you’ve viewed their profile

Figure 16: Select who can see your connections

Figure 17: Change your profile photo & visibility

Figure 18: Manage your Twitter settings

Email Preferences

Figure 19: Email Preferences

Figure 20: Select the types of messages you’re willing to receive

Figure 21: Set the frequency of emails

Figure 22: Select who can send you invitations

Figure 23: Set the frequency of group digest emails

Figure 24: Turn on/off LinkedIn Announcements

Figure 25: Turn on/off invitations to participate in research

Figure 26: Turn on/off partner InMail

Groups, Companies & Applications

Figure 27: Groups, Companies & Applications

Figure 28: Turn on/off group invitations

Figure 29: Turn on/off data sharing with 3rd party applications

Account

Figure 30: Account

Figure 31: Manage Social Advertising

Figure 32: Turn on/off enhanced advertising

Figure 33: Customize the updates you see on your home page

Figure 34: Customize the updates you see on your home page (Hidden)

Figure 35: Get listed in the service provider directory

Account Types

Account Types and the information available to those who purchase.

Figure 36: Promoting Opportunity

Figure 37: Account Types

Figure 38: See Expanded Profiles

Figure 39: Talent Finder Subscription

FAQ

As the reader can observe there are lots of controls for one’s account. Visit the LinkedIn FAQ available at http://linkedin.custhelp.com/app/answers/list/ when you have queries.

Figure 40: Frequently Asked Questions

Apps

Application Directory provides a user to add additional tools onto one’s profile.

http://www.linkedin.com/static?key=application_directory

Figure 41: Applications

Profile Edit

Editing one’s profile is also another location for choices to be made, available at http://www.linkedin.com/profile/edit. These are just some of the settings to be mindful of:

Figure 42: Edit Profile (Top View)

Figure 43: Edit Profile Personal Information

Groups

My Groups, http://www.linkedin.com/myGroups, is a place where a person can join discussions for a particular company or organization. Here is just one example:

Figure 44: My Group Directory Display Example

Figure 45: My Group Deep Dive Settings

Figure 46: My Group set to Open

When a Group is set to open, LinkedIn displays the following message when the reader enters:

“Previous discussions are stored in a read-only archive for members only. All new discussions can be seen by non-LinkedIn members, shared on Twitter and Facebook, and indexed by search engines.”

Account Closure

If a person is interested in closing their LinkedIn account, this is the process (just be mindful of the Privacy Policy restrictions):

Figure 47: Close Account

Companies

Companies are another location, http://www.linkedin.com/companies, to make adjustments. Here I provide examples of how one’s profile may show up for others.

Figure 48: Companies

Statistics http://www.linkedin.com/company/eset/statistics are available for viewing as well.

Figure 49: Companies Statistics

Profile Viewing

Who’s viewed your profile is a service that one may purchase. Here is some information to be aware of.

Figure 50: Profile Stats Upgrade

Figure 51: Upgrade Options

Connection Removal

Remove Connections is a page that enables the reader to maintain their connections.

http://www.linkedin.com/connections?displayBreakConnections

Figure 52: Remove Connections

Privacy Policy

Privacy Policy is a page that everyone should read. Here are a few quoted highlights:

http://www.linkedin.com/static?key=privacy_policy

Personal information collected

We collect information:

When you register an account to become a LinkedIn user (“User”), such as your name, e-mail, employer, country, and a password.

When you view and interact with LinkedIn pages, features, and functionality, including LinkedIn mobile applications, software (like adding to your profile, participating in Groups, uploading contacts, etc.), and platform technology (like “Share on LinkedIn” buttons or third party applications). We also collect your IP address, browser type, operating system, mobile carrier, and your ISP, and receive the URLs of sites from which you arrive or leave the LinkedIn website, or sites that have embedded LinkedIn platform technology.

Through cookies and other technologies that allow us to recognize you, customize your experience, and serve advertisements both on and off LinkedIn. Learn more about cookies, beacons in Sections 1G and 1H, below. You can opt-out of advertising off LinkedIn here.

When you interact with third party services available through LinkedIn like surveys, polls or other third party research undertaken with your consent.

Your Information Choices

You can:

Review, enhance or edit your personal information through your personal profile page;

Control what information you make available to search engines through your public profile;

Choose whether you install or remove any third party applications;

Control whether your profile information is shared with third parties through Developer Applications installed by your connections by clicking here;

Control the messages you receive from LinkedIn and other Users;

Change your settings to control visibility and accessibility through our website;

Control whether LinkedIn personalizes its professional plugins across the web using your LinkedIn account here.

Control whether LinkedIn uses your name and profile photo in social ads; and

Tell us to close your LinkedIn account.

Default Settings

Because the mission of LinkedIn is to connect the world’s professionals to enable them to become more productive and successful, we have established what we believe to be reasonable default settings that we have found most professionals desire. Because Users may use and interact with LinkedIn in a variety of ways, and because those uses may change over time, we designed our settings to provide our users granular control over the information they share. We encourage our Users to review their account settings and adjust them in accordance with their preferences.

LinkedIn accounts are also defaulted to allow Users to be contacted to participate in polls, surveys and partner advertising. Click here to change these settings.

Security Timeout

It is worth noting that after a brief period of time, LinkedIn’s default behavior is to prompt the user for their password to access Settings or other features of the site, shown below:

Figure 53: LinkedIn timeout password request

Progress

And, LinkedIn strives to improve itself so sometimes you may see this.


This concludes our awareness blog for LinkedIn and all the various tools available in locations around the site. I myself have been using LinkedIn for years professional and has been well worth it.

Thank you, Paul Laudanski (http://www.linkedin.com/in/laudanski)

Director of the Cyber Threat Analysis Center, ESET

Leave a reply


Categories

THURSDAY, MARCH 28, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments