Not that long ago, before data breaches dominated daily headlines, we felt secure with our social media apps. Conveniently, every website seemed to allow logging in with Facebook or Twitter instead of creating a whole new password, and families of apps quickly became their own industry. Third-party apps and games on social media platforms (remember Farmville on Facebook?) were allowed profile access en masse. Trivia games, horoscope predictions, personality quizzes \u2014 all seemingly secure and engaging diversions \u2014 let social media users enable some type of third-party app. <\/p>\n\n\n\n
Unfortunately, we now know that this left many of us, and our data, exposed to a potential breach<\/a>. <\/p>\n\n\n\n So we turned to Randy Abrams, Webroot\u2019s Sr. Security Analyst, for insights on how to keep third-party app breaches in check. The trick to keeping yourself and your loved ones safe? Information silos, both on and off of social media. <\/p>\n\n\n\n \u201cAs a rule, I leave my apps in silos, meaning I severely limit their connectivity level \u2014 especially when it comes to accessing my mobile device, \u201cAbrams says. \u201cApps for email, texting, and calling people do have a reasonable need for access to your contacts on the phone. Most other apps, such as social media apps do not need to be able to look up your unsuspecting friends.\u201d <\/p>\n\n\n\n Limiting the access your apps have to their direct functions will help keep you and your loved ones safe. Here\u2019s how to get it done. <\/p>\n\n\n\n Limiting your app\u2019s permissions may seem like a chore, but it is the best way to keep breaches from expanding in scope. We\u2019ve put together a mobile app permissions crash course to help you silo your sensitive data quickly and easily. <\/p>\n\n\n\n To monitor and edit an existing application\u2019s accessibility permissions on your device,<\/em> go to your Android\u2019s settings and tap Apps & Notifications<\/em>. From there, you will be able to locate all the applications that are active on your device. When you\u2019ve located the application whose permissions you would like to edit, simply tap the app and then tap \u201cPermissions\u201d to view and edit its current permission settings. <\/p>\n\n\n\n To review an application\u2019s accessibility permissions before you install it on your device from the Google Play Store, tap on the app you\u2019d like to install and click Read more<\/em> to bring up its detail page. Scroll to the bottom and tap App permissions<\/em> to review the app\u2019s requested permissions. After you install and open the application for the first time, you will be prompted to allow or deny application permissions (like access to your contacts or location). You can always edit the application\u2019s existing permissions later using the steps outlined above. <\/p>\n\n\n\n To monitor and edit an existing application\u2019s accessibility permissions on your device, go to the settings app Privacy <\/em>to see all the permissions available on your phone\u202f(like location services and camera access). Select the permission set you would like to review to see all of the applications with access, and revoke any permissions you\u2019re not comfortable with. <\/p>\n\n\n\n To review an application\u2019s accessibility permissions at install, <\/em>simply open the app and begin using it. The app will request permissions, which you can either allow or deny. You can always revoke permissions after they have been granted by following the steps outlined above. <\/p>\n\n\n\n Preventing social media applications from gaining unnecessary access<\/a> to your mobile data could help stop data breaches from spreading. But it won\u2019t stop the breaches themselves from happening. Leaving apps enabled entails large-scale security issues \u2014\u202fnot only for ourselves, but also for friends and family connected with us through social media. When we connect apps to our social media profiles, we expose not just our information, but the shared information of a broader network of connections \u2014 one that expands well beyond our immediate circles. In a startling example, only 53 Facebook users in Australia downloaded Cambridge Analytica\u2019s infamous thisisyourdigitallife app, but a total of 311,127<\/a> network connections had their data exposed through those users. That amount of collateral damage is nothing to scoff at. <\/p>\n\n\n\n \u201cFacebook is the company best known for leaking extensive amounts of data about users, usually by default privacy settings that allow third-party apps to access as much user data as possible,\u201d says Abrams. \u201cMost users had no idea they could control some of what is shared and would have a difficult time navigating the maze to the settings.\u201d <\/p>\n\n\n\n Facebook made a few reform efforts to help make managing third-party access to your account a little bit easier. Click on Settings <\/em>from the account dropdown menu, and then select Apps and Websites<\/em>. This should take you to a dashboard that will show your active, expired, and removed apps. It will also give you the option to turn off the capability for any third-party apps to connect with your profile. <\/p>\n\n\n\n From your account dropdown, click on Settings and privacy.<\/em> Click on the Apps and devices <\/em>tab, which will show all of the apps connected to your account. You can see the specific permissions that each app has under the app name and description. To disconnect an app from your account, click the Revoke access<\/em> button next to the app icon. <\/p>\n\n\n\n From a web browser, log in to your account and click the gear icon next the Edit Profile<\/em> button. Select Authorized Apps<\/em> to see all of the apps connected to your account. Click the Revoke Access<\/em> button under an app to remove it from your account. <\/p>\n\n\n\n Monitoring the access levels of your connected apps is a good start to keeping yourself and your loved ones secure, but it\u2019s not always enough. <\/p>\n\n\n\n \u201cIt must be assumed that all third-party apps are collecting all of the information on the platform, regardless of privacy settings,\u201d warns Abrams. <\/p>\n\n\n\nMobile App Permissions <\/h2>\n\n\n\n
For Android Users <\/h3>\n\n\n\n
For iOS Users <\/h3>\n\n\n\n
Removing Third Party Apps <\/h2>\n\n\n\n
Facebook <\/h3>\n\n\n\n
Twitter <\/h3>\n\n\n\n
Instagram <\/h3>\n\n\n\n
Building Secure Social Media Habits <\/h2>\n\n\n\n