Here’s a real dichotomy: Social channels are the most overlooked area for cybersecurity, yet more than 25% of an organization’s marketing budget and employees’ time is dedicated to them. Social represents the perfect storm for bad actors: billions of people on trusted sites that are often less visible than emails or websites.

Yet, given the current privacy breach brewing with Facebook, Cambridge Analytica, and 50 million FB users, you may be left wondering what your company can do to keep this type of problem at bay.  

Today’s post will focus on a phased process that will not only limit your exposure to social media cyberattacks but also keep your online brand presence and reputation intact.

 

Step 1: Start with a Social Media Audit 

Google your company name.  

  • How many social accounts come up?
  • Is your organization active in each one? Delete or report inactive or imposter accounts ASAP.
  • Is the information on each site correct? Check the:
      • Name
      • Address
      • Telephone Number
      • Email
      • Company website
      • Operational Hours
  • Fix all the about sections, including making sure team members and their bios are up-to-date.

Review your digital footprint monthly, quarterly or bi-annually. 

Check your network privacy settings, access, publishing privileges and recently identified security threats.  

Step 2: Implement a Social Media Policy 

According to Edelman, 52% of the public believes a company’s employee is an acceptable brand spokesman. It is vital to establish what employees can and cannot say about the company on their channels, what the consequences of a policy violation entail and what a user should do if they suspect hacking has occurred.

Review and/or update the policy on a quarterly or bi-annual basis.  

Curtail the number of individuals authorized to post on the company’s behalf. 

One administrator is too few and 15 people are too many. Establish two to three admins with total control over the pages. Remove an admin’s privileges if they violate your policy or when they leave the firm.

Let employees know the consequences.

Believe it or not, most cyberattacks are due to accidental actions. Execute your policy based on authenticated intent.  

Step 3: Train and Engage Employees 

Encourage them to use two-factor authentication. 

This second security level ties their login credentials to their phone. Since Facebook, LinkedIn and Google+ do not require a separate sign-in to access your company page, this is a good way to secure it.
 

Avoid password reuse.

Each channel should have its own unique passcode consisting of a combination of lower- and upper-case characters, numbers and symbols. Most experts agree passwords that are 14 characters or longer are the most secure.

Update all privacy and security settings regularly.  

 

Tell them what to do if an attack happens. 

Guide users through a process when they think their account has been hacked.   

 

Step 4: Hire JoLee Consultants to Monitor Digital Channels 

In 2016, phishing attempts on social media increased 500% compared to the year before. Scams rose 150% on Facebook, Instagram, Twitter, and LinkedIn. In a year-to-year comparison, it’s estimated these threats went up exponentially in 2017.
 

Our firm can identify phishing links, fraudulent accounts, scams, and even fake coupons. We constantly scan for threats. Our system helps block malicious URLs and IP addresses before they penetrate your business. We can also train your employees about social media best practices. Call us at 516-208-2554 to learn more about our total protection package!