- Social media is a key part of a company's marketing strategy. Keeping social accounts secure protects brand integrity.
- Strong passwords and changing passwords often are two ways to secure pages.
- To protect social media accounts, businesses should develop companywide policies and a chain of command to address problems.
Social media is important for every business, but if your accounts are hacked, it can cause serious damage to your business and its reputation. It's important to keep your accounts secure and your information safe. If you take the right steps, you can secure your social media accounts from unwelcome hackers. Here are 10 best practices to follow.
1. Choose a strong password.
The first step in securing a social media account is to create a strong password; "password123" isn't going to cut it.
"Choose a strong password, which typically should include numbers, symbols and capital letters, but make sure it's not so complicated that you can't remember it," said Katie Campbell, social media manager at Fundera. "Avoid using the same password for each account; this is a common tactic that hackers will try when attempting to hack into your social media profiles."
In addition, you should avoid signing in to multiple accounts through one social media account, Campbell said. [Read related article: Cybersecurity: A Small Business Guide]
"Facebook will often allow you to sign in to Instagram and various other social media platforms with the same 'account,'" she said. "Try not to use your Facebook account to sign in to anything other than Facebook."
2. Change your passwords often.
It's advisable to change the passwords for both your personal and your business social media accounts frequently. You should change your passwords at least once a quarter and when an employee leaves the company.
"If any of our employees leave, we immediately change passwords to all accounts that they may have had access to," Taryn Canedo, Ignite Social Media account manager, wrote in a blog post. "While we don't expect our past employees to disrupt the pages … we are careful to always change passwords immediately when someone leaves, and you should get into the habit, too."
When you change a password, make sure to share the new password with the rest of the team, but don't do it through email. "Make sure you're picking a strong password each time and, when communicating the updated password to those who need it, you're not emailing; you're calling," Canedo added.
3. Use two-factor authentication.
Paul Bischoff, privacy advocate with Comparitech, believes the best way to keep an account secure is with two-factor authentication.
"Whenever an employee logs in from a new device, they are required to input a PIN sent to the account owner via an app, SMS or email," he said. "This not only protects you from stolen passwords but can ensure that whoever is in charge of the accounts be present when logging in on new devices."
Some social media accounts automatically require two-factor authentication when you log in with a new device. But if you want to keep your accounts very secure, set up two-factor authentication whenever someone signs in to the account.
4. Inspect page roles and who has access to accounts.
Make sure you always know who has access to your accounts. "You should periodically sweep your account to see who has access and make sure that all roles are appropriately assigned," Canedo said.
Though you should limit the number of people who have access to your accounts, more than one person should know the password. If only one person has access to an account and they leave the company, it will be a hassle to regain control of the account.
"Most social media platforms allow you to add admins or managers to the same business profile," Campbell said. "This way, you can protect your page's account information but allow others to access the profile through their own account."
5. Keep your information offline.
"People often forget how easy it is to let your username, email and password slip up on the internet," Campbell said. To avoid having your information on the internet, Campbell recommended signing out of your accounts when you're done, removing any permissions of applications once you are done using them, and not copying and pasting your password.
6. Create an email address exclusively for social media management.
That way, if a social media account for the company is compromised, the hacker won't be able to access any other sensitive data. Even if you use the email account exclusively for social media, remember to employ smart internet security practices, such as choosing strong passwords and changing those passwords often.
7. Be wary of public wireless connections.
Be cautious when accessing social media accounts on wireless networks, the U.S. Securities and Exchange Commission warns. Public Wi-Fi connections at restaurants, libraries, airports and other places of business lack the protections to keep social accounts secure. Cybercriminals easily gain access to passwords and other data on these types of wireless networks.
8. Secure social media accounts on mobile devices.
To make it easy to log in, many people don't have their settings require two-factor authentication for social media on mobile devices. Although you may not want to require a password each time you log in, you must have passwords to lock your phone and prevent unauthorized use of social media accounts. Facial recognition and fingerprint scanning are also available to keep mobile devices secure.
9. Create a company policy to keep each account secure.
Businesses should have policies with specific steps and requirements for how to secure social media accounts at work. Explicit rules should state who has access to the accounts and expectations for how to prevent security threats. The policy also should provide information about whom to notify if social media accounts are compromised.
10. Invest in security products that keep social accounts secure.
Keep business social media accounts secure with products that monitor business channels. Once installed, software programs alert you to any issues associated with social media accounts, including malicious link posting and fraudulent accounts impersonating your brand.