The Social Path

In recent weeks, hackers and viruses have reared their ugly heads more frequently and successfully than we've seen in a while. And worst of all, they're not just coming through our outdated email addresses and Friendster; they've crept across Facebook and our beloved Gmail.

Facebook already has stepped up to the plate by offering a secure HTTPS connection, and now Gmail has followed suit by rolling out an advanced login option.

You can check out the official Google Blog for details, but, in summary, they have built a thorough system - to a fault. It all starts simple enough...

Step 1: Open your account settings and select 2-step verification.

Step 2: Download the Google Authenticator App on your phone and scan the QR code on your computer.

Step 3: The QR code will give you a six-digit code that randomly regenerates every minute. Just type that code into the next screen.

Step 4: You're then provided 10 backup codes to print and store in a safe, easily accessible location, should you lose your phone.

Step 5: Finally, you input a backup phone number, should all of this fail you.

Step 6: Just when you think it's over, Google determines if you use a phone or desktop application, and then you'll have to get another code ... and then I passed out from sheer exhaustion. 

The whole process really only takes 15 minutes and can secure your whole Google world, which is truly fantastic. I had to log out and start over because my randomly generated codes were repeatedly rejected but the second time was the charm. 

I've never been hacked, so maybe I have a rosy disposition, but I just didn't deam this necessary for my Gmail. However, this could be a vital tool for independent contractors or others who run their companies from their Gmail accounts. Just clear some time and get organized before diving in or you'll burn up a lot of time going through the process.

P.S. - To all the hackers out there, I didn't secure my Google account with the codes pictured above so don't even think about hacking me.

Kammie Avant is a social media planner for Luckie & Company. You can contact her by e-mail or follow @KammieAvant on Twitter.

Photo credit: Truthout.org on Flickr.

While it's clear that marketing teams across America have warmed up to Facebook, there's still a bit of a chill coming from the IT and HR departments.

According to an analysis of 2010 by Web service OpenDNS, Facebook was the most-blacklisted site of the year among corporate networks.

Facebook was blacklisted by 14.2% of the networks serviced by OpenDNS, compared to a mere 2.3% that blocked Twitter.

To be clear, Facebook is still far more tolerated in the workplace than pornography (85% blacklisted) or gambling sites (58% blacklisted). But among sites that are specifically blocked by name, Facebook is king.

Here's are the numbers, per OpenDNS' annual report (click to download as PDF):

Top 10 Blacklisted Websites

1. Facebook.com —14.2%
2. MySpace.com — 9.9%
3. YouTube.com — 8.1%
4. Doubleclick.net — 6.4%
5. Twitter.com — 2.3%
6. Ad.yieldmanager.com — 1.9%
7. Redtube.com —1.4%
8. Limewire.com — 1.3%
9. Pornhub.com —1.2%
10. Playboy.com — 1.2%

(Warning: several of the URLs listed above are not safe for work.)

And in case you're curious, here are how sites were blocked by category in 2010:

Top 10 Blocked Categories

1.Pornography — 85%
2. Sexuality — 80.1%
3. Tasteless — 77.3%
4. Proxy/Anonymizer* — 76.2%
5. Adware — 69%
6. Nudity — 67.2%
7. Hate/Discrimination — 58.7%
8. Lingerie/Bikini — 58.5%
9. Gambling — 58%.
10. Drugs — 57.3%

So what do you think? Should Facebook be prohibited or encouraged in the workplace? Let us know in the comments.

Hat tip to SmartBlogs.com

David Griner is a social media strategist for Luckie and Company and contributing editor for Adweek’s blog, AdFreak.com. You can reach him by e-mail or on Twitter.

It's been a long time coming (shockingly long, actually) but Facebook has finally launched a secure HTTPS connection. However, in true Facebook fashion, they want you to work for the reward. 

It's not that your privacy has been compromised at Facebook headquarters in Palo Alto, Calif. - it's the coffee shop that you frequent around the corner that's the bigger concern. Until now, any individual using the same connection as you can download software to access and hack your account. You may have noticed that simple "S" on the end of HTTP if you've ever shopped or handled banking online; it simply means secure and makes all the difference in the world when it comes to keeping you safe while you surf. Now, with an HTTPS connection, you will be as  protected on Facebook as you are when you bank online.

All you have to do is select Account Settings from the drop down menu on the top right of the page. Scroll down to Account Security and select CHANGE. You can decide if you'd like to be alerted every time your account is accessed from a new location (even when you are the one accessing it) but it's crucial to select "Browse Facebook from a secure connection (HTTPS)" whenever possible.

Facebook hopes to make HTTPS the default setting soon but for some reason they're currently rolling this out as optional. Check out what Facebook had to say about it on their blog.

Kammie Avant is a social media planner for Luckie & Company. You can contact her by e-mail or follow @KammieAvant on Twitter.

Photo credit: Cassandra Baker on Flickr.

Does your workplace have explicit rules about how employees can use social media? Does it spell out Facebook and Twitter by name and dictate details down to the blog disclaimers and avatar photos?

If so, it's probably not as effective as your HR managers might think.

Why? Because giving social media its own HR policy isn't cutting edge. It's short-sighted. Your company's time and energy would be far better spent developing a policy that can be universally applied to all types of digital communication — e-mails, forums posts, blog entries, tweets, status updates, etc. 

Trying to create a unique policy for each digital tool is like trying to stomp out a colony of ants one bug at a time.

Digital communication is simply evolving far too fast for any workplace to keep up with. If all you did was amend your HR rules each time Facebook changed its formatting, sharing options or privacy settings, that alone would be a full-time job. Why spend your time chasing the wind?

In its new (and free) white paper, "Is Your Acceptable Use Policy Social Media-proof?", online protection firm M86 Security tackles this issue of creating guidelines that encompass social media without getting too lost in the weeds.

It's a good read, even for us rank-and-file types. And while I don't agree with all their takeaways, it's definitely a sound starting point for managers looking to cover their bases.

Throughout January, The Social Path is running daily tips on how to improve your social life — online, at least. Click here to learn more. 

You know you should do it. I know I should do it. And yet, none of us does it.

Code-locking your phone is the single easiest thing you can do make your personal information incredibly more secure. But because it adds a minor annoyance to our lives, almost no one bothers.

An unlocked phone is an open invitation for thieves to pillage your life on a level that makes household burglary look like a stolen hubcap. Your contacts, your calendar, your ma ps, your Facebook, your e-mails, your photos, your texts, your Tweets...the scope of information available in today's phones is terrifying when you imagine it falling into the wrong hands.

That's exactly what happened to the wife of Chicago Tribune columnist Mark Bazer, who wrote a popular piece last week called "Congratulations on your new iPhone!" Bazer's writeup walked the thief through the many great features of the phone, which had been snatched right out of the owner's hands while she was waiting for a train:

"My wife, in the one whole month she was using your phone, downloaded some great apps  for you. The Facebook app, for example, works just like regular Facebook, and should allow you to easily join the Facebook Groups "iPhone Thieves" and "People Who Make Other People Cry."

"My wife also downloaded a great app to help if you're planning to redecorate your home, another if you're looking to get into pilates, and another that helps locate the nearest pawn shop."

While Bazer's column conveys the frustration of a stolen phone, what he doesn't discuss (perhaps because it's not funny at all) is how your entire identity is left vulnerable when a phone gets grabbed.

Whatever your phone model, I'm willing to bet it's got a PIN-lock system that won't add too much frustration to your life.

The iPhone offers several settings that make the code a little less cumbersome for daily use. For example, you can set your phone to go idle every minute for power saving, but only require a password every five or 15 minutes.

If you want some Mission Impossible-level protection, you can turn on a setting that erases all data on your iPhone after 10 failed passcode attempts. (All these options can be found in the "Passcode Lock" section of your iPhone's Settings menu.

Whatever your phone model, please consider taking this small step toward better security in a disarmingly dangerous world. This isn't like asking you to use the parking brake every time you leave the car. It's like asking you to take your keys and your kids with you.

Benefits: Improved security for your data, your identity and your life in general.

Coming tomorrow: OK, enough doom and gloom about security. Let's talk about shopping!