7 Ways to Hack-Proof Your Company’s Social Media


There are ways to reduce social media risks. My company, HootSuite, provides social media tools to 79 of the Fortune 100 companies – brands with millions of followers and a lot to lose in a social media mishap. Being in the trenches, I’ve seen that common sense, a little training and the right technology go a long way. 

Here are 7 ways to keep your company’s social media safe

  • Get creative with passwords: Believe it or not, the most common password in 2012 was still “password” (followed closely behind by “123456”). Few people realize that an effective password is often the only thing standing between you and a cyberattack. Instead of choosing your cat’s name or your personal details, consider strategies like using the first letter of each word of a common phrase or song lyric (“I can’t get no satisfaction” becomes ICGNS). Or save yourself the trouble altogether and use password generating and management tools like LastPass.
  • Centralize social media channels: Large companies are sometimes surprised to discover that their employees have started dozens of different social media accounts on Facebook, Twitter, LinkedIn and other networks – often without official permission. A crucial first step in getting social media security under control is to consolidate all of these accounts within a single social media management system. These specialized tools allow users to publish to multiple accounts on various networks – Twitter, Facebook, LinkedIn, etc – from one secure interface (Plus, they usually include advanced scheduling and analytical features for tracking social media campaigns). Companies can draft, publish and monitor all social media activity from one online dashboard. It saves time and represents a quantum leap in security.
  • Put a buffer between you and the bad guys: Another benefit of using a social media management system: It acts like an extra firewall. One of the most common ways for hackers to gain access to passwords and sensitive data is through malicious links posted on social media sites and elsewhere. Click on what looks like a great deal, for instance, and you might end up on a bogus site where malware is instantly downloaded to your computer. This happens all the time on social networks yet is easily prevented by using a social media management system with built-in malware and spam prevention. When you click on a suspect link, the system will automatically issue a warning before opening the page – sparing a potentially compromising encounter.
  • Control who can post messages using limited permissions: Social media accounts at consumer brands like Nike and Whole Foods can have millions of followers. Entrusting the keys to these accounts to entry-level employees or interns carries significant risk. A better approach is to regulate access through a system of limited permissions. Using HootSuite, for instance, companies can grant junior employees limited permission to draft messages, which must then be fed into an approval queue for senior management to sign off on before publishing. This ensures that all social messaging meets company standards and no illicit tweets or posts slip through.  
  • Rein in password access: At many companies, senior management have no clue what their social media passwords are. From an IT perspective, this is terrifying. A better approach is to use what’s known as single sign-on technology. Business-grade social media management systems allow employees to log into social media accounts with the same username and password used for their company email. The master switch for turning accounts on and off remains in the hands of the IT department, who can also revoke access from individual employees, should the need ever arise.
  • Offer basic social media education: Just a few years ago, social media was a dorm room toy. Today it’s a cornerstone of marketing and sales strategy at the planet’s biggest companies, poised to unlock some $1.3 trillion in value in the years ahead. Giving employees access to this kind of power without any basic education is tantamount to handing over keys to the car without a driver’s ed course. Structured training on security and compliance issues, as well as on more advanced themes like using social media to sell to clients and improve internal workflows, is critical. Fortunately, some of the best social media tools now come equipped with online courseware and webinars for their users.  
  • Take the worry out of paid social media: Paid social media (like Promoted Tweets on Twitter and and Promoted Posts of Facebook) has fast become a central part of marketing strategy. Consumer brands are spending billions every year to send out these ads dressed up to look like normal social media messages to targeted users. With so much money at stake, it’s critical that companies diving in use a secure platform for buying and placing promoted messages. Otherwise, it may be far too easy for a hacker to sabotage an expensive campaign with a few rogue tweets or – even worse – get ahold of sensitive credit card information. Be sure to use a social media management system that allows users to purchase Promoted Tweets from within the dashboard itself. That way, all purchases can be centrally monitored, password access be restricted and – should a breach happen – accounts can be revoked instantly.

The combination of social media education and technology can dramatically reduce the possibility of a security breach – either from outside the company or from within. To bring it all together, some social media management systems have even begun offering security certifications – packages that integrate training (including crisis simulations) with the right tools and emergency alerts should suspicious activity ever be detected. For companies increasingly dependent on social media to reach clients and build relationships, this one-stop peace of mind may be an attractive option.