Is your business advertising on social media? Great. Are your coworkers engaging with your business page? Even better.
But like most areas of the internet, there can be a dark side to social media — we’re talking about cyber threats. As harmless as they may seem, your business’s social media accounts can put your business at added risk for targeted phishing scams, malware, and even misuse by well-meaning employees.
What do we recommend? A comprehensive social media policy and security measures, of course! Our Tekmanagement team has put together a list of six top recommendations for keeping your social media presence secure, safe, and cyber attack-free.
Require 2-Factor Authentication
Facebook even helps out a little here…if you’re going to be an Admin of a Business Manager account, you must have 2-Factor Authentication set up. This is new to the Facebook Meta Suite, and we’re big fans. You can also set up optional 2-Factor Authentication on your Instagram, LinkedIn, and Twitter accounts. Here are the set-up instructions for each platform:
Maintain a Consistent Social Media Policy
It’s important to set expectations for social media use in the workplace, to protect both your business and your employees. Your social media policy can be a part of your employee manual, and should include the following:
- Rules about confidentiality and personal social media use in the office
- Social media activities to avoid, like quizzes that ask for personal information
- Who is responsible for publishing or commenting on your social media accounts
- Guidelines about copyrights and engaging with competitors
- Guidelines on effective password creation and management
- Expectations for keeping software and devices updated
- Who to notify if a security concern arises
Train Employees on Social Media Phishing
Phishing scams aren’t limited to texts and email inboxes. Malicious links can appear in social media posts, too, even from well-meaning connections. Safeguard your company against phishing scams by offering regular training and awareness programs (like our Scam of the Week emails). Ongoing training on the latest scams will teach your team to be extra cautious when engaging with your business — or on behalf of your business — on social media platforms.
Use Management Tool for Access and Tracking
Employees may come and go from your organization…but your social media passwords and access shouldn’t go with them. It’s critical to have a system in place that allows you to revoke permissions when someone leaves or changes roles. You can use a management tool that provides access to posting on your social media business pages, without giving direct passwords. Many programs, like Hootsuite or Sprout Social, offer various levels of permissions for people who are posting, drafting, approving, commenting, or managing other users.
Conduct Regular Audits
Along with managing social media access, it’s also important to audit your platforms regularly. Double check your privacy settings, review employee publishing privileges, comb through direct messages to find any recent scams or threats, and make sure your social media policy is being followed.
Choose Your Connections Carefully
You may be leading a security-conscious team, but not everyone in your social network will be as vigilant. When choosing your connections or following other accounts, be mindful before clicking the “Allow” or “Follow” button. Someone you follow may unknowingly share a malicious link, and clicking that link could put your business in danger. Be cognizant of who you connect with, and don’t grow your social networks without paying attention to who you’re following and what they’re posting.
Ramp Up Your Business’s Cybersecurity
Social media is a playground for cyber criminals who have the tools to attack your business and employees, from password theft to social engineering. The best way to stop your business from being targeted is to employ strong safety measures in the first place. Attackers are less attracted to accounts that are harder to break into! To get more information on educating your team, or setting up multi-factor authentication, or auditing your social media systems, give us a call.