Did you know that half of all cybersecurity attacks target small businesses?
With nearly three billion social media users worldwide, your social media profile is the perfect doorway for hackers who want to access your private information.
Most of us assume that cybercriminals only target the “big guys” because they have more to offer financially. However, Fortune 500 companies can afford an in-house cybersecurity engineer and full digital security teams. And hackers know this, so for them, the “little guys” are much easier pickings.
Both LinkedIn and Facebook have been hacked, and one report cited social media as “the number one channel of perceived compliance risk.”
So how can you secure your social media accounts? Our step-by-step social media security guide is made for both small businesses and their employees.
Step 1: Make Sure You Have Ownership of Your Social Media Accounts
This might seem like a no-brainer, but the amount of small businesses we meet who are unsure who owns their social profiles is shocking. The purpose of the first step on this list is 1) To take your digital identity stock 2) To delete unused or fake accounts, and 3) To repossess ownership of the social media profiles you want to move forward with.
When you click “accept the terms of service” you’re giving away a ton of personal information that can be used to steal your identity and to create propaganda. The fewer places you’re sharing data like phone numbers, full names, personal email addresses, and photos of people, the less of a chance you have of experiencing a cybersecurity breach.
It’s very important to have an organized system for managing your social media accounts, for any business or personal profile. If you’re just starting out, implement a process and secure form that contains logins, administrator names, and a style guide for your company’s social media. If you need to take back ownership of your social accounts, first start by doing a quick Google search of your company name, and possibly with each major social media network. Decide which social platforms are right for your business, and then choose which to maintain and which to delete.
Every platform has its own steps for reclaiming ownership, we recommend consulting with a telecommunication expert or telecom company to help. However, if you’re taking the DIY approach, start by searching the platform’s FAQ or searching Reddit for tips on how to troubleshoot it yourself. Note that this step will likely be the most tedious and time-consuming for businesses who have not had an organized approach to their social media system, but it’s absolutely crucial for safety.
Step 2: Update Your Social Media Profile Privacy Settings
Once you’ve consolidated and claimed your social media real estate, the next step is to optimize all of your accounts to be as secure as you can possibly make them. Social media platforms have started to take your personal security more seriously, and allow you to limit who can see information about you.
First, update your passwords to be “good” and by good, we mean complicated and nearly impossible to guess. Use every type of character a given platform will allow you to use. Use a different password for every social media account. Don’t use social media profiles to log in to other websites and update these passwords every time there is a change in staff or agency.
If a social media platform offers two-factor authentication or security answers, use them. The goal is to make the profile as difficult as possible to access for anyone who doesn’t have the right credentials. It’s also possible to set-up a VPN to ensure that all communication conducted within the platform is encrypted and protected.
We see a lot of accounts that aren’t even aware that their personal information is being broadcasted for the world to see. Many people don’t realize that you can control who sees what, who can contact you and engage with your profile, and who can follow you. They don’t know how to identify “fake accounts” and don’t even realize they are friends with them.
As a business page, you likely will only post content that you want to share with the world. However, this type of caution should also be used in the personal accounts that manage your business pages, and with the accounts of employees at your company. We’ll dive deeper into social media “rules” for your company and personal information below.
Step 3: Set A Social Media Standard for Your Business
Happy employees and clients who love your company can be your greatest marketing asset. User-generated content like testimonials and raving reviews are nearly untouchable when it comes to the amount of impact they can have when compared to anything you could boast about your own business.
However, it’s important to set-up guidelines not only for your page but also for the employees and members of your community. Savvy criminals won’t just look at your business page or profile to get the information they seek, they’ll do their research and locate employees and other profiles connected to your business, to find a backdoor in.
Share social media security guidelines with your staff and ask them all to undergo the process themselves. Offer incentives, or better yet, offer them the assistance of a professional to do it for them, and also be sure to explain the “why” to them. Establish rules for sharing photos about your business, tagging your business, and so forth.
Step 4: Keep Personal Information on Social Networks on a Need-to-Know Basis
Just because there is an option to share something about yourself or your business, doesn’t mean you have to. It’s completely possible to create a solid and connected brand without giving away all of your personal information. Ensure that company information is transparent and helpful to your audience, but be wary about which email accounts you share, the posts you make about your business, and the photos you publish on your account.
Be sure to only share an email account that is not connected to sensitive information, like payments and financial data. Don’t share too much detail about the internal workings of your business, assume that anything could be a lead for a hacker. If you have a storefront, don’t share it when you are closed. Be aware of the backgrounds of “behind-the-scenes” type posts that could reveal the type of security you have, where your cash deposit box is located, and so forth.
If your business is working offsite for the day and you want to share a photo, that’s great! Just don’t allude to the fact that no one is at the office. Turn the location off on the post or even consider sharing it the following day when everyone is back (no one will know the difference).
Step 5: Ensure That the Mobile Devices Accessing Your Profile Are Secure
Mobile phones are significantly less secure than a desktop. One study reported that nearly one-quarter of smartphone users have no idea if their smartphone is secure. Automatically connecting WiFi, autofill logins and personal information, poor passwords, and not securing locked screens are just some of the ways your mobile device can be compromised.
Most big-name app development companies are consistently updating their app development software to ensure that users of their products will be protected. However, app development costs can be high and many apps don’t take the security measures you might assume they do. Relying only on the app you’re using to protect you, isn’t usually enough.
Add mobile security to your company’s social media policy and provide a cybersecurity consultant to your employees who access your social media profiles to secure their phones for them.
Step 6: Hire a Social Media and Community Manager
The more hands that are accessing your social media accounts, the more opportunities are created for your data to be compromised. Hiring a designated team means that not only are you eliminating the number of users who are accessing your profiles, but you’re also ensuring that the only people who access it are social media experts.
A Social Media Manager oversees your social media marketing strategy and implements it. They manage your profile’s digital brand and schedule social content to be published. A Community Manager listens to social conversations, monitors brand mentions, and manages engagement. While some companies often lump these roles together, along with content creation, they are most successful when designated into separate roles.
A designated Community Manager has the time to monitor employee social media pages and mentions of your company in a way that a person who is working as a one-man team cannot. They can also enforce your social media guidelines.
Step 7: Hire a Cyber Security Analyst
Although this guide is comprehensive, it’s only the entry point for securing your social media accounts. This is where hiring a telecom consulting company or IT consulting firm can help. A professional whose designated role is to improve the safety and the technology your company uses won’t only make your social media profiles more secure, they will make all your operations secure.
Malware, phishing tactics, Trojans, spyware, and viruses are, unfortunately, always evolving. Quality cybersecurity companies stay updated on the current trends and know what antivirus solutions and infrastructure settings need to be in place in order for your business’ and employee’s data to stay safe.
Unless you can afford a full-service, high-quality in-house team, outsourcing is the best way to keep your social media accounts secure. A designated IT team is the only way to ensure that your social media profiles are regularly maintained and that you have access to the right people with the right skillsets when you need them.
Visit us to learn more, about what we can do for you!
