I am often asked, “What are the best settings I should have for my Facebook account?” And of course, I reply, “the worst settings are no settings at all.” I don’t know if that helps much, but it does make a valid point. If you don’t take the time to review your account settings, on any social media platform for that matter, then you run the risk of account compromises and clones.
Recently I had the opportunity to be a guest on The Police Podcast with Tim Burrows, where we discussed the issue of settings for law enforcement and the implications they can have. I’ve seen a large number of “spoofed” law enforcement accounts used for the sole purpose of scamming legitimate followers for cash. One recent incident involved a high ranking executive with a large a sheriff’s department. Luckily that spoofed account was caught very early on in the process.
So we all know that we need to review our personal Facebook settings, but what if you have an official account representing a law enforcement agency? The setting choices you make could be conceived as not being open and transparent and could potentially block public access to the very information you are trying to share. The last thing you want is for your department to be dragged into litigation because of restrictions placed on your official agency account.
So for the next few paragraphs, I will stick to what I recommend to other law enforcement officers and agencies. Please check with you agency regarding your social media policy and procedures.
So from this point, I will assume you are reading this post for answers to settings for your official agency Facebook settings I feel are the most important.
LOGIN NOTIFICATIONS: First and foremost, make sure you have login notifications set to “Email” or “text message”. You want to be notified anytime your account is accessed. Even if it is you. I just set a “Rules” in my Outlook and they go straight to my FB notifications folder.
LOGIN APPROVALS: Use Facebook's 2-Factor authentication system. The caveat to this is that you must have a cellphone added to your profile account. If you are issued an agency phone, go ahead and add that one. I chose to use the Facebook code generator instead of text messages.
REVIEW BROWSERS AND APPS: This feature will give a clear indication of what systems are currently logged into your account or what systems have logged into your account in the past. If you do not recognize a system, you can immediately shutdown access to your account by clicking, “End All Activity”.
PRIVACY SETTINGS AND TOOLS
WHO CAN POST ON YOUR TIMELINE: Set to ONLY ME. You don’t want anyone posting to your timeline that could be construed as an endorsement by either you or your agency. And… I’ll leave it at that.
WHO SEES TAG SUGGESTIONS: Set to: OFF. When someone uploads a picture of you to Facebook, based on facial recognition it will suggest your name for that photo. Now, if you are reading this article, I would have to assume that you are an official spokesperson for your agency? So needless to say, putting a name to your face is quite easy. However, I still recommend turning this option off. As you can see below, most other settings are also set to, “Only Me”.
I used to recommend for official law enforcement profile accounts, if a person friends you, you should friend them back. This was of course before Facebook implemented the "Follower" feature. This works very similar to Google+ "Subscriber" feature. What I now like about Follower feature is that you no longer have to friend a person back. If you do not accept a friend request, basically ignoring the notice, that friend request will turn to a follower.
So you are probably asking, Why not friend them back? The reason is, if someone wants to set up a fictitious account for the sole purpose of scamming Facebook users, they will often follow as many law enforcement public profiles that they can. Once they do this, your profile picture, you know...the one of you in uniform? That picture is now front and center on their profile page in the "Friends" box for everyone to see.
Finally, the last setting also deals with security and protecting your account from spoof attacks. The primary goal for anyone to spoof your account is for credibility in their nefarious scheme. The scammer needs victim's and who better else to victimize then your innocent followers. How do they know who your followers are? Because they are publically displayed on your profile page in the "Friends" box. So lets turn that option to ONLY ME.
To get to the edit option for this setting, go to your profile page and in the box to left labeled "friends", hover your mouse pointer to the upper right had corner of that box and a pencil will appear. Click that icon and select, "privacy options". This is where you will want to set this option to "only me". Now, only you will see your friends list when visiting your profile page.
These 7 settings my not seem like much, but when trying to secure your account while remaining open and accessible to the public, it can be difficult. I treat my social media platforms just like being on patrol. During your shift, you must be accessible to the public and assist in whatever way possible. That doesn't mean you must compromise your safety along the way. At the end of the day, it's all about ending your shift safely and that includes your travels on the internet. Let me know what you think. If you have suggestions for other settings, please let me know in the comments. As always, be safe.