Blog

3.4 mins

Why Agencies Should Care About Their Client’s Social Media Security

By Rylan Holey | 1 month ago | Strategy | No Comments

Image by Dave Bleasdale via flickr

Pubs can be enlightening places. I recently bumped into some agency-folk at one of London’s many drinking holes and of course the conversation turned to social media. Having seen so many disasters over the years with hacking, phishing, rogue tweeters and fake accounts to name a few, I genuinely believe in taking security around social media seriously.

I wasn’t overly surprised that the agency was still sharing native passwords to the Twitter or Facebook pages of some of the world’s biggest brands on a spreadsheet. This is still a common practice and education is still needed, even among the world’s largest agencies, about the dangers of password sharing.

What did shock me most was the response by one of the team to my belief that they should be taking their client’s social media security much more seriously: “You are underestimating our capabilities as an agency; our clients trust us to not make mistakes”.

Being your client’s guardian is an enormous responsibility. And I say, no matter how great your agency’s social media teams are, you should never, ever, underestimate the threats.

What do Peppa Pig and The White House have in Common?

Breaches in social media security can not only have shocking impact, they can also happen to the most unsuspecting brands. When the The Associated Press was hacked through phishing by the Syrian Electronic Army, it caused the Dow Jones to plunge and briefly wiped off $136.5 billion from S&P’s index value.

AP Hacked Tweet

Hacking doesn’t just affect major media outlets; take Peppa Pig for example. The British children’s cartoon was compromised,  effectively told fans to “go to hell.”

Peppa Pig Aplogy

If you are you still using a spreadsheet to share passwords (or even worse, post-it notes) you can easily reduce the risks of hacking and phishing by using a social relationship platform to provision access to multiple users.

Nicolas Moreau, Digital Strategy Consultant at Publicis Consultants-Net Intelligenz, a Hootsuite Agency Partner, quite rightly states in his article Social Media Security: 4 Steps To Fight Social Media Hijacking: “While securing networks and infrastructures is generally the domain of IT security experts, social media is generally handled by Communications and PRs teams that are less accustomed to information security risks. Fortunately you don’t have to be a networks security expert to take some basic steps to better prevent such attacks.”

No more f-bombs

New Media Strategies were dropped by Chrysler after one of their staff managed to post on the @chryslerauto account: “I find it ironic that Detroit is known as the #motorcity and yet no one here knows how to fucking drive.”

With technologies like Nexgate’s Social Patrol, you can now have automated content moderation based on custom or predefined dictionaries so f-bombs will never make it to your client’s accounts.

If you are working with clients in any regulated industry like healthcare, finance or drinks—using tools like Social Patrol can help to significantly reduce approval times by avoiding the need to have every post manually moderated by client-side risk and legal teams.

Record everything

Being able to quickly identify the source of a problem like Chrysler’s f-bomb can help speed up the crisis recovery process. If there are multiple agencies or parties involved on an account it is in your interest to know where mistakes come from so you are not accountable for someone else’s mistake.

If your client is using the right social relationship platform you should be able to keep track of who wrote what, when and how onto a social network.

Education, education, and education

As social media spreads across your client’s business, more employees will need to take responsibility as ambassadors of the company. Training your clients workforce on the brand’s social media guidelines and best practice will have a positive impact by enabling the workforce to engage with their personal and professional networks—maximising your client’s reach.

Work with your client to build a scalable education program that also covers their social media policies, process, and compliance to help reduce risks of security breaches or fines by regulators.

Risk mitigation is an opportunity

Advising your clients on mitigating risk and implementing the correct procedures with them across their social media will enable them to operate in a more agile manner, help secure their brand reputation and also ensure they keep their business with you.

As a brand’s trusted advisor, helping to promote the right practice with your clients will have long term benefits. Security implementation and consulting can become a part of your social media services that can be brought to other clients and other departments in a business to help increase your footprint at a client and open up new opportunities.

This post is the third in a three-part series from Rylan on Agencies in the Social Realms.

Want to learn about how agencies can work with Hootsuite? Check out Hootsuite’s Agency Partner Program.

1 comments
Howie Goldfarb
Howie Goldfarb

Hi Rylan

I am working on a post right now separating social media crises vs events. and you just made me aware that a crises can happen online. They rarely do. Almost always they start with a real world event...think Oil Spill or Nestle's Palm Oil Practices.....then it goes online but also almost never goes viral without traditional media coverage (TV, Print, Digital Print). 


But hacking is different. Depending on the business that can be a crises. So I can add this and will link in my post what you wrote here. The Chrysler tweet was an event. Didn't affect Chryslers business....and 99.9% of non-social media industry people ever knew it happened. But it did get the agency fired and people who run social should beware that while they might embarrass a client without affecting their business in the real world...you can easily lose a client over this.


Nice post cheers