header photo

Keep Your Social Media Sites Safe by Following these Three Steps


Social Media represents the perfect storm for bad actors: billions of people on sites often less visible than emails or websites.

Today’s post will focus on a phased process that will not only limit your exposure to social media cyber attacks it will keep your online brand presence and reputation intact.


Step 1: Start with a Social Media Audit

Google your company name.

  • How many social accounts come up?
  • Is your organization active in each one? Regarding inactive or imposter accounts, delete or report them ASAP.
  • Is the information on each site correct? Check the:
    • Name
    • Address
    • Telephone Number
    • Email
    • Company website
    • Operational Hours
  • Fix all the about sections, including making sure team members and their bios are up-to-date.

Review your digital footprint monthly, quarterly, or bi-annually.
Check your network privacy settings, access, publishing privileges, and recently identified security threats.


Step 2: Implement a Social Media Policy

According to Edelman, 52% of the public believes an employee is an acceptable brand spokesman. Therefore, it is vital to establish what they can and cannot say about the company on their channels, what policy violation consequences curtail and what a user should do if they suspect hacking has occurred.

Review and update the policy on a quarterly or bi-annual basis.

Curtail the number of individuals authorized to post on the company’s behalf.
One administrator is too small, and 15 people are too many. Instead, establish two-three admins with total control over the pages. Remove privileges if they violate your policy or when they leave the firm.

Let employees know the consequences.
Believe it or not, most cyberattacks are due to accidental actions. Therefore, execute your policy based on authenticated intent.

Step 3: Train and Engage Employees

Please encourage them to use two-factor authentication.
This second security level ties their login credentials to their phone. Since Facebook, LinkedIn and Twitter do not require a separate sign-in to access your company page; this is an excellent way to secure it.


Avoid password reuse.
Each channel should have its unique passcode consisting of a combination of lower and upper-case characters, numbers, and symbols. However, most experts agree, passwords that are 14 characters or longer are the most secure.

Update all privacy and security settings regularly.

Tell them what to do if an attack happens.
Guide users through a process when they think their account has been hacked. 

Go Back