New and proficient users of LinkedIn alike tend to overlook the potential privacy and security issues related to the platform. I’ve written extensively in the past about potential risks of fake profiles and social engineering, but I’ve never dived into the actual security and privacy settings.
But recently I’ve helped a friend to set up and account for the first time and was forced to take a closer look into my accounts’ settings. I did not like what I’ve found. On one hand, LinkedIn has made it very easy to access and configure these settings. On the other, the default option of most of these is “On”, or lesser security. But as we online security and privacy are our own responsibilities, I’d rather focus on explaining how to manage these better (I’ll save my criticism for LinkedIn for a later day, they can do a lot more in terms of securing their users and mitigating fraud).
What do I need to do?
Define a solid, unique password
Start with the basics- define a robust password, and make sure it a unique one (see this article about the risk of password re-use.
And change it from time to time
LinkedIn now tells you how long it has been since you last changed your password. Mine’s been the same for a little over 2 years, which means it badly needs a change.
Activate 2 factor authentication
It is highly recommended that you activate this feature, which mandates to use 2 step when trying to set up an account on a new device or recreate a forgotten password.
See how many devices and locations are signed in
We access LinkedIn from multiple devices and locations. We often forget and might be logged in on some forgotten PC or device we no longer use. Check it and kill all devices you don't use on a regular basis.
Check how many Email addresses are associated with your account
If you are like me, you've accessed your account from multiple positions and companies, including some you no longer work for. Given that email addresses are often stolen and sold you are leaving the door wide open here- so cancel the association of unused email addresses with your account.
Check which applications are associated with your account and limit data sharing with 3rd parties
Almost any application (web or mobile) asks our permission to connect to our account and is granted access to our entire data. We grant permission and forget about it, but the 3rd party can continue to access our data long after we've stopped using it.
Remove applications you no longer use and block sharing of information with 3rd Party apps you did not specifically signed to.
Decide which parts of your profile are showed as part of your public profile
LinkedIn profiled are searchable both from within LinkedIn and through Google, so you can decide which parts of your profile are shown to the world.
Download a copy of all your activity
Thanks to data privacy laws, LinkedIn must provide you (up to 24 hours) a copy of all your data that reside within the system. Or you can simply download your contacts. You decide.
Bonus Tip- Translate your profile
This is a nice little feature LinkedIn now offers- you can create multiple profiles in different languages (you do need to translate it yourself, though).