Brands that leverage always-on social media to engage with consumers also open themselves up to online hackers. The risk is small, but it’s important to keep a focus on brand Pages’ security to ensure the message to, and with, consumers is as planned. As Burger King recently learned, social media accounts can very quickly be transformed from something on-brand and relevant to the audience, to something the brand has no control over.
Here are a few simple tips to protect a brand’s social media accounts:
- Be sure to log out of social media accounts.
- When managing social media from a mobile device, keep it locked with a password.
- Change passwords regularly, e.g., once a month, and have a strong password using a variety of capitals, numbers and symbols; and make sure the password is not something easy to guess or directly related to the brand.
- Keep access to passwords limited to community managers and senior managers who are responsible for social media activity.
- Facebook allows brand Pages to have multiple Page managers, assign levels of access to the different teams and people.
- Scan computers for viruses and malware, especially if unauthorized account behaviors continue to be posted after the password is changed.
- Brands often connect different applications to their social media accounts. Execute a regular audit of which applications have access to social media accounts.
- Audit the people who have access to social media accounts to make sure only individuals who need access have access.
One additional step is to employ a company-wide Social Media Policy. Providing guidelines to employees will help protect the brand and the employees themselves. Two core principles for all successful Social Media Policies include, (1) requiring employees to be honest about who they are and who they work for while also clarifying that the opinions are their own; and (2) the internet never forgets; make employees aware that what they say is permanent and to use good judgment – only share what is already public information, nothing confidential.
If social media accounts do get compromised, start with the following steps:
- Log in and change passwords immediately, this will decrease the opportunity of additional unauthorized posting.
- Report the incident to the social media crisis leader and core social media team to determine the most appropriate action steps.
- If using 3rd party management tools to publish to the page, revoke permissions to those applications; it can easily reconnect once full control of accounts is regained.
- If not doing already, begin monitoring the landscape to understand the conversation related to the hack and its implications on action steps.
- Share contact information for a representative with key team members, so anyone on the team can reach out.
- Remember, social media is 24/7, and an issue can arise at any moment; monitor owned social media channels often to react quickly.
These steps should be included in the brands social crisis plan as a piece of the overall social media strategy.
Mike Schottelkotte and Taylor Wiegert also contributed to this article.