Facebook Security Best Practices

Applications, Games and Websites

Facebook provides users with powerful controls to protect themselves online, but it's up to individuals to check and ensure that appropriate settings are in place. Facebook makes a point of saying on their guide to privacy that they "do not give — and have never given — anyone's data or personally identifiable information to advertisers."

Facebook does, however, allow third-party applications to access information that you make public. And any information you share with friends can be shared with applications as well — should you choose to allow it. As noted below, we recommend that you do not.

Privacy settings: Applications, games and websites

Option: What you're using
Sophos recommends: Check and remove any applications you're no longer using and/or are unfamiliar with
Why? Facebook now gives users an easy way to remove applications from their profile, and remember applications can be anything from games to quizzes to website giveaways. You'd be surprised how quickly the list of applications you're using can grow! Remove any that don't look familiar to you or that you're no longer using. Any application you use has access to your information and provides a potential avenue for your information to be leaked or stolen. Reduce this risk by reducing the number of applications you use.

Option: Game and application activity
Sophos recommends: "Friends Only" at a minimum, consider making a custom group
Why? This option is more of an etiquette issue than anything else. If you have a group of friends that you play games with, consider creating a custom group just for them so only they can see your game-related posts and requests.

Option: Info accessible through your friends
Sophos recommends: Uncheck everything
Why? Checking any option on this list allows an application that a friend uses — one that you might not even use — to access that information about you. In general, the less you have under your control, the more vulnerable your information.

Option: Instant personalization
Sophos recommends: Make sure it is unchecked
Why? This is an opt-in option to have Facebook partner websites (like Yelp, Pandora and Microsoft Docs) pull your Facebook information and enable greater customization and sharing options. Though these sites are 'trusted partners' of Facebook, they add a layer of risk to your information. Double-check this page and ensure instant personalization is not checked.

Option: Public search
Sophos recommends: Make sure it is unchecked
Why? Sophos recommends you disable this option. If it is enabled then it allows search engines to index your information in addition to letting people find you on Facebook using an external search engine. There is no benefit to this, as you will only be linking up with people who are on Facebook. And remember, once your profile has been indexed by a search engine, you lose control over that information and over how long it can be seen.