Social media sites are popular targets when it comes to hacking. LinkedIn was targeted last year, with details of over a hundred million users put up for sale on the dark web. Even Facebook founder Mark Zuckerberg had his accounts compromised, and according to a study by the University of Phoenix, almost two-thirds of US adults believe their social media accounts have been hacked. Fortune 100 brands experience at least one attack on their social media channels each business day, sometimes with disastrous effects.
You might think your business is safe. After all, why would anyone want to hack your accounts? The thing is, hackers often don’t do what they do for money or to hit big names. It has become almost like a sport for them, and we are all targets.
Hacked social media accounts can be inconvenient and annoying for anyone, but for a business, it can be devastating and ruin the brand’s credibility. Not so long ago, hackers managed to access the Twitter account for Burger King and wasted no time in changing their profile picture to a McDonald’s logo. Burger King is a well-established, multinational brand and they could gain control of their account quickly. Could your business do the same? Follow these 6 steps to help keep your company’s social media accounts secure.
1. Practice Good Password Hygiene
A strong password is the first step in good social media security. Make sure you change your social media passwords regularly and ensure each password is a meaningless string of letters, numbers, and special characters. It goes without saying, that you shouldn’t write your passwords down or share them with others.
Wherever possible, use two-factor authentication (2FA). This means you need more than just a password to access an account. Each time you log in, the site will send a unique passcode to a mobile number registered to the account. If you have several people monitoring your social channels, this may be inconvenient. However, there are always ways around it. For example, you could use third-party apps such as Hootsuite or Sprout Social, which allow you to easily manage access rights for individuals.
2. Educate Employees
All employees should receive some basic training in social media security. More than 60% of enterprises allow their staff to use personal devices to access corporate data, so it is important that your staff know what to look out for, both on their own accounts and on company pages. If a member of your team has their account hacked, the hacker may well target their place of work first, posting unsavory messages on your company’s social channels.
3. Produce a Social Media Policy
A formal social media policy means that everyone can be aware of what the standards and expectations are. This doesn’t need to be a lengthy document but should include details of what is considered good practice. Among many other things, it could specify that all devices used to access the organization’s social media accounts are password protected and are locked when not in use. It could also explicitly state that passwords should not be written down or passed around among employees (unless authorized to do so) and should be changed every 90 days.
4. Limit Access
Choose carefully which staff members have access to your social media accounts. You could even consider using third-party management tools such as Sprout Social or Hootsuite, as this allows you to give them access to social accounts, without having password access. Always keep a log of exactly who has access to which accounts, and ensure it is audited and updated regularly.
Passwords should be changed whenever staff members leave, even if they leave on good terms. Employees are often the weakest link when it comes to social media security. In 2013, UK staff at HMV found themselves undergoing redundancies, and their Twitter account quickly hit the news when Tweets started appearing declaring, “We’re all being fired!” The tweets were, of course, later deleted, but nothing is ever completely removed from the Internet, and screenshots abound of tweets that look bad for the brand.
5. Check Access Rights for External Tools
There are hundreds of tools available that help you to schedule and manage your social media accounts, such as IFTTT, Hootsuite, and Buffer. It’s important to regularly audit which apps have access to your accounts. If you no longer use a certain app or don’t recognize its name, revoke access, to help keep your account secure.
6. Make It a Role Within the Company
Rather than giving access to everyone on the team and then waste time trying to monitor it, consider hiring a Social Media Manager to take care of your social media channels. Hire someone who will be fully trained and educated in your social media policy and best practices. They should not only update your accounts regularly but also monitor your brand’s presence online and look out for any signs of a problem.
Social media is an unavoidable part of any good marketing strategy—and social media security is a vitally important part of that. Make sure your social media channels are not vulnerable to attack. What are you doing to protect your businesses social media channels? Share your tips in the comment box below, or tweet us @smxplorer.