Secure Business

12 January 2020

Social media and cybersecurity for companies

For some years now, the communication strategy of companies has often been to use social media. Yet, few companies consider the security of their social media.

Make access to your social media accounts secure

Some computer hackers may be tempted to take control of your social media to commit fraud against your followers or clients, or indeed simply to harm your reputation.

Secure the access
  • Turn on two-factor authentication (Read how to activate multi-factor authentication

  • It is preferable to use a program that allows access to be granted for each individual and not a password for everyone

  • Change the passwords whenever a person managing your social media leaves the company

  • The Password Reset function for your accounts should point to a specific email address of the company (for example, an email address used by the social media team) and not an employee’s private email address. If that person leaves the company, he/she might still be able to change the password.

  • Teach your employees to identify phishing messages so as to prevent a fake Twitter or Facebook message telling you to change your password and directing you to a fake website where the fraudsters will retrieve your data. 

  • Set up a blocking procedure if someone with access to your social media loses his/her smartphone (if your accounts can be accessed from that device).

Make your on-line content and comments secure

Take care when publishing information on line. Sometimes a photo contains more information than you think such as the geolocation or strategic information on a wall in the background of the picture.  Putting the company on line on social media also requires a minimum amount of monitoring of comments so that what is written on your page remains in line with your communication policy.

How to make your on-line content secure

·        Choose an account name and an image that corresponds to your company.

·        Always double check the multi-media content or text that you publish on line (it is recommended that the check is carried out by a second person).

·        Regularly monitor your account and read all the comments to identify content that is not in line with your communication policy.

·        Watch out for links added within a comment by a reader and delete it if you are not sure about the destination site.

Inform your contacts and your teams of your policy related to the use of social media

A message of a degrading nature appears on your social media.  Do you leave it, as freedom of expression is a right, or do you delete it as it is not in keeping with your company’s policy?  To eliminate any uncertainty, you should draw up and publish your social media charter.  You can consult ING Belgium’s charter at www.ing.be/socialmedia.

Also train the person or persons using your social media to respond to questions or messages.  There is a lot of training available in this area nowadays. 

A final piece of advice

Your employees’ personal accounts and the company’s account must be managed on separate applications (on indeed devices) so as to prevent a personal message sent in the evening ending up at the top of your company’s information flow.  This has happened more than once before.