Protect your social media sites from hackers
By Ryan Holmes
On Monday, Feb. 18, Burger King woke up to one whopper of a social media problem. The company’s Twitter account had been hacked—its name changed to McDonalds and its background replaced with an image of Fish McBites. In the hour it took for officials to regain control, hackers proceeded to send 53 tweets to the burger chain’s more than 80,000 followers, ranging from the mildly funny (“if I catch you at a Wendys, we’re fightin!”) to the patently offensive (“We caught one of our employees in the bathroom doing this…,” with an image of a drug user shooting up).
So what’s a socially engaged company to do? Banning social media altogether is no longer a realistic option. The simple fact that Burger King has hundreds of thousands of followers on Twitter and Facebook speaks to the power of the medium. Retreating from social media means ceding a significant competitive advantage.
But there are ways to reduce risks. At the helm of HootSuite, a social media management tool for companies, I’ve learned that common sense, a little training and the right technology go a long way. While it may be too late for Burger King, these steps should keep your social media account from being similarly Hamburglarized:
Get serious about passwords. Believe it or not, the most common password in 2012 was still “password” (followed closely by “123456”). Few people realize that an effective password is often the only thing standing between you and a cyber attack. Instead of choosing your cat’s name or your personal details, consider strategies like using the first letter of each word of a common phrase or song lyric. (“I can’t get no satisfaction” becomes ICGNS.) Or save yourself the trouble altogether and use password generating and management tools like LastPass.
Centralize social media channels. Large companies are sometimes surprised to discover that their employees have started dozens of “corporate” social media accounts, often without permission. A first step in getting social media security under control is to consolidate all of these accounts within a single social media management system, which allows users to publish to multiple profiles on Twitter, Facebook, LinkedIn and other networks from one secure interface. This kind of system also acts like an extra firewall.
Control who can post messages. Social media accounts at consumer brands can have millions of followers. Entrusting the keys to these accounts to entry-level employees or interns carries significant risk. A better approach is to use a social media management system that restricts who can publish messages. For example, in the HootSuite platform, companies can grant certain employees limited permission to draft messages, which must then be fed into an approval queue for management to sign off on before publishing. This ensures that social messaging meets company standards and no illicit tweets or posts slip through.
Offer basic social media education. Just a few years ago, social media was a toy. Today it’s a cornerstone of marketing and sales strategy at the planet’s biggest companies, poised to unlock some $1.3 trillion in value in the years ahead. Giving employees access to this kind of power without any basic education is tantamount to handing over keys to the car without a driver’s ed course. Structured training on security and compliance issues is critical. Fortunately, some of the best social media tools now come equipped with online courseware and webinars for users.
The combination of social media education and technology can dramatically reduce the possibility of a security breach—either from outside the company or from within.