This article was published on November 11, 2014

The guide to tightening your social media security

The guide to tightening your social media security
Ritika Puri
Story by

Ritika Puri

Ritika Puri is a San Francisco based blogger who writes about trends in business, internet culture, and marketing. She's inspired by the int Ritika Puri is a San Francisco based blogger who writes about trends in business, internet culture, and marketing. She's inspired by the intersection between technology, entrepreneurship, and sociology.

The Internet is a dangerous place—and no brand is safe. As IBM’s Security Services 2014 Cyber Security Intelligence index points out, there were 1.5 million cyber attacks in the United States in 2013.

This year, retailers such as Home Depot, Apple, PF Chang’s and even Dairy Queen have confirmed data breaches. Many of these security breaches resulted in—or will result in—material losses to consumers.

data breach financials

Brands are taking a hit, too.

The <3 of EU tech

The latest rumblings from the EU tech scene, a story from our wise ol' founder Boris, and some questionable AI art. It's free, every week, in your inbox. Sign up now!

Social media accounts have been hacked, altered, and used to spread political and anti-corporate messages. Profiles and followers have been lost, and even brand images have taken hits.

The worst part about cyber crime is that it’s seemingly out of your brand’s control. No matter what precautions you take, there is always a risk of getting hit.

But pulling your company off social media is simply not an option, as the value of this marketing channel far exceeds the risk of a potential security breach. According to one report, social media is expected to unlock value in excess of $1.3 trillion in coming years.

Companies need a game plan to balance the best of both worlds: security and growth. The challenge is that marketers tend to be trained in one but not the other. Social media leaders know how to build relationships with their stakeholders and audiences, but they’re often disconnected from the needs of their neighbors in IT.

The reality is that the majority of social media security risks arise from simple scams and easily avoided mistakes:

  • Hacked email accounts
  • Passwords being shared between team members
  • Malware
  • Untrained staff using corporate social channels

There are five simple steps that can dramatically improve a company’s social media policy without interfering with a company’s everyday momentum and growth goals. Here’s what your company’s security, privacy, and compliance teams can do to get started:

1. Educate team members

It takes seconds to sign up for a Facebook profile or Twitter feed. It’s easy to get up and running with social media—and equally easy to overlook the micro-decisions that we make with every single Tweet or status update.

That’s why it’s important to take a step back and teach your employees about cyber security so team members know how to use social media securely. Employees should be taught to avoid spammy and potentially compromising links. Training programs should extend beyond basic education into advanced areas including social media etiquette and building a follower-base.

Instead of developing a training program from scratch, companies can consult available programs from resources such as Hootsuite University.

2. Centralize social media operations

When your business grows, you’ll need more people to help with everyday operations. More team members will be experimenting with social media and creating accounts on multiple networks.

What ends up happening, as a result, is corporate account overload. These unmoderated accounts can pose potential security risks, which is why you need to keep your social media operations under one roof.

Get started with an audit of all of your company’s social media accounts. Make sure that every profile corresponds to a specific team, person or area of ownership. You should delete any “extra” accounts and restrict permissions to the team members who need it.

You can then consolidate operations by connecting your social media profiles to a platform like Hootsuite.

3. Create a strong password management strategy

It’s not safe for multiple people to access a social media profile with the same shared passwords. The more accounts that companies have, and the more social networks they’re a part of, the more passwords that they will need to share with their team.

If your accounts are managed with one program using a simple password, you’ll put your entire social media program at risk. All it takes is one breach for a hacker to gain access to your entire company.

Last year, Burger King's Twitter account was hacked to look like McDonald's.
Last year, Burger King’s Twitter account was hacked to look like McDonald’s.

To get started, your team needs to build a strong and complex password. Consider using a password management tool with the ability to generate a complex password on your team’s behalf. Take the “human” aspect out of password generation.

4. Implement a messaging approval system

Rogue Tweets and status updates are a business’s worst nightmare. All it takes is one employee mistake to accidentally post a personal message to a corporate accounts. Nobody is immune, not even the most high-performing teams or trustworthy team members.

One way to avoid a regretful typo is to implement an editorial process within your organization. This isn’t meant to stifle creative freedom but to ensure that every public-facing message is on-brand and on-point.

When your brand has millions of fans and followers, you can’t afford to take any risks. You need to make sure that every message makes a strong impact. An editorial process will help add structure to your social media program’s content strategy.

5. Prepare for the unexpected

No matter what steps your company takes, there is always a chance that something could go wrong or that something could slip through the cracks. An account could get hacked, or your smartest team member could accidentally push the wrong button.

It happens.

As a fail-safe, your team should always have a crisis plan in place in case something happens. These plans should be simple and flexible. Remember that security breaches are unpredictable, so you need to be prepared to act quickly.

You can even identity areas of improvement by working with consultants who can provide added perspective.

Final thoughts

Expect something to go wrong. There’s no need to be paranoid, but you should always operate with the assumption that something will probably go wrong.

And it will be okay.

Whatever you do, be prepared to take action. Structure will help. Agility will help even more.

Read next: How to correct a social media blunder

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Back to top