Social Media at work…what could go wrong?
As a business, there is no doubt today that you need to have a presence on major social media platforms such as Facebook, Twitter, Instagram and LinkedIn. Even if social media doesn’t directly drive business to your door, businesses are required at a minimum to have a current presence on platforms. Those that don’t appear behind the times, outdated or too small to handle the extra work. Unfortunately, business social media sites can also serve as one more portal for cybercriminals targeting business data. In this post we talk about steps you can take to ensure your social media account doesn’t become a gateway for cybercriminals to access your company’s valuable data. Afterall, social media at work…what could go wrong?
Make someone accountable
The first step to a successful and safe social media experience as a company is to make someone in your organization accountable for it. Designate a social media manager who is responsible for maintaining your company’s social media accounts. This person should oversee everything–from the posts and pictures on your company account to approving/declining ‘Friend’/’Follow’ requests. The social media manager should be prepared to share statistics around the business’s social platforms weekly at team meetings. The number of followers a business has, the number of posts a business posts, the engagement those posts receive are all metrics the social media manager should be tasked with sharing. From a marketing perspective, increasing followers and engagement should be a goal for any social media manager. Maintaining a current, measurable report will ensure the social media manager is actively engaged on the platforms. This active engagement will help prevent cybercriminals from accessing a stagnant account. A designated manager will help ensure multiple business employees don’t have access to login credentials.
Train your employees
Of course you should train the employees who handle the business’s official social media accounts about the security threats and how they need to steer clear of them. It is also a good idea to train employees who are not on your social media team. Many employees actively interact with their employer’s social posts rendering them the weak link a cybercriminal could exploit to reach your business. Seem far-fetched? Not really. A lot of people trust their ‘friends’ on social media and unwittingly share a lot of information. This information can be used to hack their personal accounts and devices, which in turn, may act as a gateway to your business. Teach your employees about general social media best practices in terms of security and also educate them about the privacy settings they can use to ensure their data is shared with trusted individuals only. General social media best practices include:
Take the necessary security measures
Make sure the devices you use to access your social media accounts are protected with firewalls and anti-malware tools. All security updates and patches should be up to date. Businesses partnered with a MSP should rely on their MSP team to ensure these to do items are scheduled on a routine basis.
Practice good password hygiene and encourage your teams to do the same. That means no password sharing, no sequential letters/numerals, no obvious words or numbers should be used as your social media account password. Ideally businesses utilize a password management system to help them ensure passwords across the organization are of appropriate length, with appropriate differences in letters, numbers and symbols and are difficult, if not impossible, to guess.
Frame a social media policy
You should also frame a social media policy that spells out the dos and don’ts of social media that everyone in your organization should follow. This is important from various perspectives as employee’s statements on social media may be perceived as a reflection of your business’s values, whether you like it or not. This can make your business a target of cybercriminals and lawsuits.
When something goes wrong
Even the most fastidious businesses can be victim to cyber-attack, malware or hacking. Cyber criminals are smart and are always working to stay one step ahead of security measures. So what does a business do when all their hard work still leaves them vulnerable?
- Invest in a reliable backup and recovery service. MSP’s rely on robust backup and recovery measures to get their clients back up, running and restored in the event of cyber attack or hardware failure.
- Monitor the Dark Web for credentials. Dark Web monitoring can prove invaluable to clients whose credentials have been compromised. MSP’s that provide this service can alert their clients to a compromise so the client can immediately remediate the exposure.
Putting your business out there on social networking sites gives your brand a lot of exposure, presents paid advertising opportunities and even helps you build and manage customer relationships. It can also be tricky to navigate in terms of security. Businesses can leverage the partnership they have with their Managed Service Provider to ensure appropriate password hygiene, firewall security and multifactor authentication strategies are in place to help safeguard business information every day. Unsure if your MSP can provide everything you need? Contact Astute Technology Management today for an assessment!