This time, we’ve invited Andrius Januta, our cybersecurity technical manager at Nord Security, to cut through the noise and give you some strategies that actually work. The interview is moderated by Sigita Jurkynaitė, Information Security Manager at Nord Security.
Not sharing is caring (about your privacy)
Sigita: Let’s talk about something we all deal with every day — social media and online safety. We’ve all seen how much personal information gets shared on these platforms, and many of you have asked whether this creates security risks. To help us navigate this topic, I’d like to bring in Andrius Januta, our cybersecurity technical manager.
Are we sharing too much personal information on social media platforms, and does this make us vulnerable to hackers?
Andrius: It depends on your situation. If you’re an influencer, oversharing comes with the territory. But for most of us? Yes, we’re definitely sharing too much without thinking about whether it’s actually sensitive information.
But oversharing boundaries keep shifting. What we considered too much five or ten years ago seems normal now. We keep pushing those limits without realizing it.
Sigita: What specific information should we avoid sharing?
Andrius: Don’t post your home address, personal phone number, birthdate, or any more personal data. Cybercriminals might piece together details that seem harmless and use them for illegal purposes. Also, be careful about posting photos that might reveal where you are right now or what your daily routines and routes are.
Here’s something important to keep in mind — most online services we use daily actually require us to provide this personal information when we sign up. Unfortunately, when those services get breached, all that information ends up exposed. And data breaches are happening each year.
This doesn’t mean you should give up trying to protect your information — quite the opposite. The more places your sensitive details appear online, the higher your risk becomes. You can’t control whether a service you use gets hacked, but you can control how much additional personal information you voluntarily share on social media. Keep those private details as protected and hard to find as possible.
Don’t post your address, phone number, birthdate, or photos that show where you are.
Sigita: So what’s the solution? Stop using social media entirely?
Andrius: That would be ideal, but that’s not happening for most people.
The art of being multiple people
Sigita: What’s a more practical approach to your privacy instead of getting off social media completely?
Andrius: Create multiple accounts. In security, we call them puppet accounts — separate accounts that aren’t linked to each other. You can’t use the same email for all of them, so you end up with different online identities for different purposes. For example, have one Instagram for personal photos where you control who follows you, and another for public content. Keep them completely separate.
Create multiple accounts for different purposes.
Sigita: How do you manage all these accounts without going crazy?
Andrius: Password managers like NordPass are lifesavers. It’s impossible to remember all those passwords otherwise. And reusing the same password for all accounts is probably the worst thing you can do. Also, use browser profiles. I have one Chrome profile for work and another for personal stuff. It keeps everything separate and actually helps you mentally switch between different modes.
Sigita: What about reviewing old posts?
Andrius: When did you last check what you posted five years ago? Those old photos might contain way more personal information than what you’d share today. Do a regular cleanup.
Sigita: Any specific warnings for professional platforms like LinkedIn?
Andrius: Companies posting job ads often reveal too much about their infrastructure. Instead of saying “we need someone with Microsoft Exchange 2012, Windows Server R2 experience,” you should just say “Microsoft products experience.” Save the specifics for interviews.
Sigita: What about privacy settings?
Andrius: Always choose the highest privacy settings available. Review them everywhere — Facebook, Instagram, LinkedIn, and wherever else you are. But keep in mind that even if you only accept people you know as friends, the friends of friends can often still access your information through them.
Always choose the highest privacy settings available.
Your privacy is only as strong as your least privacy-conscious friend’s settings. And sometimes people think they’re safe because they don’t post much, but then their spouse, kids, or siblings are sharing everything about them.
Social media security tips and tricks (and 2FA)
Sigita: What can we do right now to improve our privacy on social media?
Andrius: First, don’t share too much. Second, always disable location features and remove location information from your posts. Personalizing social media status updates with live GPS location is a popular but risky practice. And third, enable two-factor authentication on all your social accounts and use unique passwords for each platform.
Sigita: Let’s talk more about two-factor authentication. How important is it really?
Andrius: It’s critical. Two-factor authentication makes it incredibly hard for hackers to break into your accounts. You should enable 2FA for email, social media accounts, and financial services. Does 2FA stop hackers completely? It stops most of them and drastically reduces your risk, even if it won’t protect you from every attack.
Sigita: Some people think setting their account to “private” solves everything. Is that enough?
Andrius: It’s a good start, but don’t confuse account privacy with data privacy. Even with a private account, the platform is still collecting massive amounts of data about you for advertising and other purposes. The key is understanding that privacy settings control who sees your content, but they don't stop the platform from harvesting your data. So remember — check the privacy policy and think before you create an account.
Sigita: Any final advice for staying safe on social media?
Andrius: Read the social media site’s terms of service and privacy policies — yes, I know they’re long, but at least skim through them. If you don’t like the collection practices, use your right to opt out of data sales and targeted advertising where possible. But remember — if you’re uncomfortable with a website or service’s core data collection practices, your best option is choosing not to use that platform at all. Instead, look into privacy-focused alternatives.
Keep in mind that there are scams and hackers out there trying to trick you. Watch out for phishing scams — it's where scammers pose as customer support staff on social media to steal your login information. Whenever you receive a message pressuring you to take immediate action, treat it as a red flag and check with the service provider directly — ask them if the message really came from their staff.
I know this might sound tedious, but get into the habit of checking your privacy settings regularly. Social media platforms love to tweak their policies and reset your defaults without making a big announcement about it. To avoid the hassle, set a monthly reminder on your phone to review your account settings, especially after app updates, because platforms are constantly rolling out new features that come with their own privacy settings you’ll need to adjust.
Set a monthly phone reminder to review your account settings.
Online security starts with a click.
Stay safe with the world’s leading VPN
