Most social media users — at least once — have seen signs that a friend’s social account has been hacked. Indications can include such red flags as unusual posts and activities, unexpected fundraising inquiries, spammy ads on the user’s timeline or in direct messages from the user, and new friend requests when you’ve already been friends on the platform for ages.
Unfortunately for the business world, the account-hacking phenomenon isn’t limited to personal accounts. Hackers can take unauthorized control of business’s social media accounts, too — and they often do. And considering everything the enterprise could have on the line — from business data and customer connections to a collection of social followers and the company’s hard-earned reputation — the potential for damages can be even greater for businesses than for individuals.
6 ways to keep your business account safe
The good news, though, is that by incorporating a handful of social media security best practices, businesses can greatly limit their social media security risks. Consider these six tactics that, when implemented, can help protect your organization on social networking sites:
1. Use strong passwords
Sure, passwords such as “abc123” and “qwerty” are easy to remember — but they’re also easy for hackers to crack. To help ensure your passwords are harder to compromise, use lengthy passwords that employ hard-to-guess phrases rather than single words. Also, to make your passwords even more complex, incorporate numbers and special characters such as underscores and exclamation points in them, along with a mix of lowercase and uppercase letters.
Other tactics that can make your passwords harder for cybercriminals to crack:
- Use different passwords for each of your various online accounts. (When the same password is used across multiple accounts, a single data breach or other account compromise can enable cybercriminals to gain access to a range of your business accounts rather than just the initially compromised one.)
- Make a habit of regularly changing your passwords — experts recommend updating them every three to four months.
- Avoid writing your passwords down or sending them in emails, as each of these actions runs the risk of being found/breached by unwelcome intruders.
- Consider using a well-reviewed password manager. These software applications can remember long and complicated (and therefore hard-to-crack) passwords for you, all while keeping them protected from bad actors.
2. Set up multi-factor authentication
In an effort to heighten security levels for their users, many social media platforms offer account holders the option to enable multi-factor authentication. This powerful tool incorporates extra steps beyond username/password entry to verify users’ identification before letting them access a protected account. (One commonly used multi-factor authentication measure involves texting or emailing unique, quickly expiring codes to the verified user, who must then enter the code before being granted account access.)
Taking advantage of multi-factor authentication can greatly decrease your business’s risks of falling victim to any unwanted account intrusion. Some of the most popular social platforms offering multi-factor authentication include:
3. Use a business manager for each of your social platforms
Business managers can help enterprises of any size keep their business-specific social accounts separated from owners’ and/or employees’ personal social accounts, plus they can help ensure that all connected contributors (including marketing agencies) who need social-account access for business purposes can get it easily and when needed.
To facilitate added security and business functionality, businesses should consider having their social media assets housed in a business manager (or ads manager) for each platform they use. When this is done, the social media page for the business isn’t connected to one person’s account, but instead it is owned by the enterprise. Further, multiple administrators should be created in the business manager — so if one person leaves the business, other authorized users don’t lose access to the business’s assets on the platform.
Some of the leading social platforms that offer business managers and/or ads managers include:
- Meta (works for Facebook and Instagram)
- Twitter (Ads Manager)
- TikTok (Ads Manager)
- Pinterest (Ads Manager)
- YouTube (via a Google Brand Account)
4. Recognize the signs of hacking
Red flags that indicate your business’s social account(s) may have been hacked or compromised include unfamiliar posts and direct messages on your account(s), alerts from friends and/or customers telling you that they’ve received strange messages or emails from your business account(s), and notices from an outside company that your account information has been revealed in a data breach. If you suspect your account has been hacked, immediate steps you can take to regain account control and lock the hackers out include changing your account password, notifying contacts that your account has been hacked, ensuring your security software is up to date, and contacting the pertinent organization or people who can provide help.
5. Always be on the lookout for phishing/smishing attempts
Cybercriminals often use phishing/smishing scams in hopes of tricking unsuspecting victims into turning over sensitive information such as the passwords they use to access their various online accounts, including their social pages. These attempts will often employ emails (phishing) or texts (smishing) that use copycat tactics in an attempt to look like they’re coming from legitimate organizations or connections. They’ll also often include links to web pages that are also fake.
Some of the best ways to protect your business against phishing and smishing attempts are alertness and awareness, as phishing emails and smishing texts often include red flags such as misspelled words, improper grammar usage and bad punctuation. Social account users can also avoid falling victim to phishing/smishing scams by not clicking the links included in any suspicious emails or texts they receive. Further, anytime an organization or other connection emails or texts seeking sensitive information, it’s never a bad idea to contact the institution or person directly to confirm the legitimacy of the request before taking any further action.
6. Create a company-wide social media policy
To help ensure that all of your business’s employees are on the same page regarding the use of your brand’s social media platforms, create a social media policy that clearly outlines the guidelines, rules and requirements for using the company’s social media platforms.
Some of the questions and concerns your policy should clearly address include:
- Who is responsible for putting together and posting our social content?
- Which employees will have access to social accounts?
- What steps should we take to protect our account usernames/passwords, and who can we share them with?
- What devices can be used for accessing company social accounts?
- What is the brand voice/personality we’d like our posts to convey?
- How frequently (and when) should we be posting on each platform?
- What steps should we take if we suspect our account has been hacked? (And what should we do if/when other social account-related security crises arise?)
Ready to protect your brand’s social accounts from unwanted intrusion — and increase the effectiveness of your social media posts? At Brandon, our team of data-driven marketing professionals specializes in social media management, regularly delivering more brand awareness, more followers and more conversions for our clients. Contact us today to discuss how we can help your brand and business grow.
Courtney Olbrich
Media & Analytics Director
Courtney is our Media & Analytics Director, located in our Myrtle Beach office. She has over 20 years of experience in marketing and advertising, with a wide variety of clients. Hailing from Metro Detroit, Michigan, it comes natural that she is an avid sports fan. So much so that all of her pets are named after professional baseball stadiums!