Is Your Company at Risk for a Social Media Meltdown?Are you using social media to advance your brand and engage with prospects online? If you are, it’s a smart decision because it is an incredibly effective tool for spreading the word about your product or solutions. But have you developed a policy that helps to manage the risks associated with social media engagement?
During this past year there have been many notable incidents that involved both hacking of social media accounts and bogus email schemes. Check out these stories about Burger King and Jeep. The blog I just linked to is posted on the New York Times online publication. But the New York Times itself was hacked in an embarrassing episode. In another incident the Associated Press Twitter was hacked a few months ago resulting in the White House having to deny that President Obama was injured.
I recently talked with Jeff Jones Senior Security Architect at Abacus Solutions, an IT Solutions provider about social media security issues. Jeff works with companies to develop cyber security policies and he shared that part of the security conversation is advising CMOs about how to set security policies that protect social media outreach from being hi-jacked or compromised. Here are Jeff’s insights about identifying and managing risks:
- CMOs should consider creating a security policy that specifically addresses social media. The best place to start in any security policy is to identify where your most valuable and at-risk data lies and in the case of social media the number one concern is passwords and access.
- Make sure you understand who has password access to your company social media. Passwords for accounts should never be shared. Being able to manage and track who had access passwords is critical in preventing mishaps and identifying who is responsible for misguided or malicious posts.
- If you need to allow multiple users access to Twitter, consider using a 3rd party solution like GroupTweet so that the primary credentials are secured while allowing multiple accounts to contribute. This will eliminate the need for users to share the same password.
- Use the latest Twitter log-in verification. This process sends a message to the cell phone requesting verification of each login request. Don’t forget to save the backup code.
- For company Facebook pages, the settings should be carefully reviewed to avoid being hacked, allowing profanity to get posted, releasing personal information, etc. A good article for configuring these settings can be found here.
- Outline a posting policy. Identify employees who are authorized to post for the company social media sites without approval. Make sure employees who are not on this list understand the approval process. Create a policy that identifies who will respond to users to avoid multiple and confusing responses.
- Alert employees to sophisticated email phishing schemes that lure them into divulging their passwords.
- Let employees know what your guidelines are for talking about company business on personal social media. This is a delicate balance. Everyone has a right to free speech on their personal platforms. And, in fact, many employers encourage employees to spread good news or links to content. But employees also need to be reminded about the consequences of violating confidentiality agreements or spreading malicious rumors.
- Jeff suggests that the same tools marketers use for tracking mentions in social media conversations, can also be used to track negative social media threads. If the instigator is an employee, actions can be taken to inform the employee of any confidentiality breaches. In addition to free Google alert searches, check out IceRocket. Paid tools like Social Oomph or Sysomos allow you to actively monitor blogs, forums, and social networks.
Another point that Jeff makes to CMOs is that social media security policy is only part of the conversation about protecting your brand. Creating an overall security policy will help ensure that you have identified your most important and proprietary data, and then properly secured and labeled it as confidential. Employees should sign security agreements to remind them of policy, access restrictions, and consequences of violating policy.
Many thanks to Jeff Jones for sharing his insights and recommendations on social media security. Mr. Jones, (CISSP CCNP-Security), is a Senior Security Architect for Abacus Solutions, an IT Solutions provider in Marietta, GA.
Social media is delivering significant rewards to companies that integrate it into their marketing mix. It is a competitive differentiator that helps to get content in front of prospects in a more engaging way. But it also comes with some risks. Our advice – don’t deep-six your social media out of fear of the dangers. And don’t get deep-sixed by failing to put in place and implement smart safeguards. Instead, understand and manage the risks and reap the rewards.
More Social articles from Business 2 Community: