Social media is an important component for every business, but if your accounts are hacked, it can cause serious damage to your business and its reputation. It's important to keep your accounts secure and your information safe. If you take the right steps, you can secure your social media accounts from unwelcome hackers. Here are five best practices to follow.
1. Choose a strong password.
The first step to a secure social media account is a strong password – "password123" isn't going to cut it.
"Choose a strong password, which typically should include numbers, symbols and capital letters, but make sure it's not so complicated that you can't remember it," said Katie Campbell, social media manager at Fundera. "Avoid using the same password for each account – this is a common tactic that hackers will try when attempting to hack into your social media profiles."
In addition to changing up your passwords, Campbell suggests not signing in to multiple accounts through one social media account. [Read related article: Cybersecurity: A Small Business Guide]
"Facebook will often allow you to sign in to Instagram and various other social media platforms with the same 'account.' Try not to use your Facebook account to sign in to anything other than Facebook," she added.
Editor's note: Need social media management for your business? Fill out the below questionnaire to have our vendor partners contact you with free information.
2. Change your passwords often.
It's best practice to change both your personal and business social media passwords frequently. You should change your passwords at least once a quarter and when an employee leaves the company.
"If any of our employees leave, we immediately change passwords to all accounts that they may have had access to," wrote Taryn Canedo, Ignite Social Media account manager, in a blog post. "While we don't expect our past employees to disrupt the pages … we are careful to always change passwords immediately when someone leaves, and you should get into the habit too."
Once you change a password, make sure to communicate it with the rest of the team, but not through email. "Make sure you're picking a strong password each time and, when communicating the updated password to those who need it, you're not emailing, you're calling," Canedo added.
3. Use two-factor authentication.
Paul Bischoff, privacy advocate with Comparitech, believes the best way to keep an account secure is with two-factor authentication.
"Whenever an employee logs in from a new device, they are required to input a PIN sent to the account owner via an app, SMS or email," he said. "This not only protects you from stolen passwords, but can ensure that whoever is in charge of the accounts be present when logging in on new devices."
Some social media accounts automatically require two-factor authentication when you log in with a new device. But, if you want to keep your accounts very secure, set up two-factor authentication whenever someone signs in to the account.
4. Inspect page roles and who has access to accounts.
Along with changing passwords often, you should always know who has access to your accounts.
"You should periodically sweep your account to see who has access and make sure that all roles are appropriately assigned," said Canedo.
While you want to limit the number of people with access to your accounts, more than one person should know the password. If only one person has access to an account and they're fired, it will be a hassle regaining control of the account.
"Most social media platforms allow you to add admins or managers to the same business profile," said Campbell. "This way, you can protect your page's account information but allow others to access the profile through their own account."
5. Keep your information offline.
"People often forget how easy it is to let your username, email and password slip up on the internet," Campbell said.
To avoid having your information on the internet, Campbell recommends signing out of your accounts when you're done, removing any permissions of applications once you are done using them, and not copying and pasting your password.