This is the third installment in a three-part series on how to organize the enterprise for social media risk management by Dave Meizlik, the Vice President of Marketing at Nexgate. To learn how your enterprise can integrate social media risk management across every department, download the white paper from HootSuite Enterprise and Nexgate, Mapping Roles and Responsibilities for Social Media Risk.
Companies are struggling to keep up with security on social media and it’s no surprise as to why. The average organization has over 300 accounts associated with their brand, including several they likely aren’t aware of. Security and compliance risks rose nearly 400% last year, while social media spam increased by 660%. And compliance risks are also intensifying: financial organizations have about three violations per month related to non-disclosure of loan terms in their social messaging, and just last week the SEC issued new guidance.
In parts one and two of this series, we laid out the first steps to creating a successful social media security program. We first went over the makings of a successful governance structure, including who amongst your team is responsible for social media security, and then covered how those personnel can work together to forge a plan of action. Now we’ll turn our attention to implementing technology controls.
Finding the right technology
The importance of the right technology in this process is vital – it’s the final, critical piece of the puzzle. Even with the best people and processes in place, without a method of monitoring, enforcing, and reporting on the implementation of roles, responsibilities, and policy, you’ll have no way to ensure that your resources are being used to their greatest potential and your social media program is safe and compliant. Policies are an important first step, but without technology to monitor and ensure their enforcement, they’re merely words.
Once your company has a foundational structure in place clarifying roles, responsibilities, and processes, your IT and social media departments can implement tools to manage and mitigate risk. These tools should provide visibility into your social infrastructure (i.e., how many accounts you have and which platforms they’re on), govern the kinds of content and data published across them, ensure compliance with internal policies and external regulations, and provide protection from social media account hacks.
Here are the core technologies enterprise brands should implement to safeguard their social media programs:
Account Discovery Tool – This technology continually scans Facebook, Twitter, Google+, and the other social networks to find legitimate, orphaned, employee, partner, and fraudulent accounts. Its continued operation means any time a fraudulent page is created – whether by an employee or fraudster – you’ll receive a notification and can take action to monitor the page and/or have it removed.
The problem with not fully understanding your social footprint is that you can’t manage something without knowing it exists. This means that any fraudulent accounts masquerading as your brand are churning out bad content without consequence, and orphaned, redundant, or undiscovered accounts are defenseless against hacks, spam, and malware.
Automated Content Filtering – Security and compliance filtering can identify and remove content that violates policy. Your policy might be an acceptable use policy (AUP) defining how your employees and customers can use your social media pages, or a security, pornography, or hate speech policy, among others. The more popular your brand becomes, the more likely you are to find that ensuring the enforcement of your policy manually is nothing short of a challenge and a waste of resource.
Automated technology can transform this otherwise painstaking, overwhelming process into something much more manageable. With just a few clicks, for example, an automated content filtering technology can remove spammy, malicious, pornographic, and other inappropriate content from your social media accounts. You have this technology today for your corporate email; similarly, it can be applied to your social media communications.
Social Media Management Suite – Updating and monitoring multiple social media accounts across the major platforms can be tough. Tracking conversation about your brand, engaging with fans and followers, and measuring campaign results is a tall order for just one social network – doing so for multiple is simply chaos.
This is why a social media management tool like HootSuite is essential to defining workflow, standardizing branding and messaging, and safely engaging with and growing your user base. An enforceable workflow with pre-content publishing scanning means you’ll greatly reduce the risk of unauthorized content being distributed. And, by locking your social publishing down to only authorized apps, you can ensure your teams follow your defined policy and workflow and don’t bypass security.
Hack Detection and Account Locking – When something goes wrong on your social accounts, having the ability to lock them down and prevent further damage is critical. This technology provides real-time monitoring and remediation for account tampering, hacks, and abuse and alerts you in the event of an unauthorized change to your account. It also removes any foreign content to lessen the impact of a security breach.
Today, hacking and other security risks are on the rise, as attacks become increasingly sophisticated to deal with advances in social technology. It’s important to be prepared for such an event with the right technology to protect your brand and social media investment.
Without the appropriate technology, threats to your brand’s social media security can seem like an uphill battle, to say the least. But automated technology like that from HootSuite and Nexgate can help your company centrally discover, audit, and protect its presence and accounts on the social web, giving your team a powerful tool to secure your social accounts simply, effectively, and efficiently.
Who’s responsible for the cost?
Of course, technology isn’t free. After determining who’s responsible for what, the next question is often “who has to pay for it?” When it comes to the social media security and compliance, the cost of technology and its management is often shared between the IT department and Marketing, with Marketing assuming the largest portion.
Likewise, the cost of managing the risk of social media is often a shared expense. For example, the actual technology needed, such as a risk and compliance application or a content filtering application, is often covered by both IT and Marketing or Corporate Communications, with Marketing assessed a majority of the financial responsibility.
Other costs, such as legal support, audit, compliance support, and employee training are often taken on by their respective groups or with a charge back mechanism to Marketing. For example, the costs taken on by Legal and Compliance for resources, such as having an attorney and/or compliance person on staff that has been trained and has expertise in social media would be taken by the Legal or Compliance departments with the potential for some charge back to Marketing.
Training all employees and agency staff on good social media policies and practices is oftentimes covered by Human Resources, although training particular groups such as social media customer care representatives or the home department of employees who engage in social media might be handled by a more specific department that would directly benefit, such as Marketing.
Creating an effective social media security might seem complex and perhaps even daunting at first. But with the right governance structure, processes, and technology, your team can work together to grow and maximize your social media ROI and better engage with prospects, customers, and partners.
To learn more about creating a successful, integrative social media strategy, download HootSuite and Nexgate’s white paper, Mapping Roles and Responsibilities for Social Media Risk. More information about the HootSuite and Nexgate partnership can be found in our on-demand webinar, Secure Your Social Enterprise With HootSuite and Nexgate.
Dave Meizlik is the Vice President of Marketing at Nexgate, a HootSuite partner that provides cloud-based brand protection and compliance for enterprise social media accounts. Nexgate’s patent-pending technology is used by some of the world’s largest financial services, pharmaceutical, Internet security, manufacturing, media, and retail organizations to find and audit brand affiliated accounts, control connected applications, detect and remediate compliance risks, archive communications, and detect fraud and account hacking.