Social media is all fun and games … until a blunder, blooper or breach cripples your company image and drops your CMO to her knees
Post by Adi Englander
Proper etiquette and online security are no laughing matter. Yet it’s amazing how few companies actually know the risks that come with using social media as a business. The truth is all it takes is a split second for disaster to strike.
While the manifestations of these risks come in all shapes and sizes, knowing the three big boogiemen will help you steer clear of danger.
1. Employee Privacy Violation
A disgruntled employee with login access is just the tip of the iceberg. Sometimes an employee can accidentally leak secrets without even knowing it.
For example, a passionate or excited employee might hear about a new project or see a big shot walk into your company and think, “I need to tweet this!” An innocent gesture to get a few likes on their part may result in them inadvertently telling your competitors what you’re up to, or worse, compromising the privacy of your customers.
In a few cases, employees simply do not know what is appropriate to share and what they should avoid. A social-media etiquette policy (signed by each employee and placed on file) can help tremendously with informing employees what’s acceptable and what’s not.
Moreover, because a company can be held legally liable for statements made by their employees, even if they are unaware of the statement being made, such policies are vital.
Protect Yourself: SecureMySocial
Social media policies help minimize the risk of employees violating regulations against disclosing private, confidential or sensitive information. However, policies are only effective if users comply and if businesses can continuously keep track of activities.
Otherwise, policies won’t save you from legal repercussions the moment an employee shares information that can be damaging to your business, your colleagues, or even themselves.
SecureMySocial helps companies by automatically keeping track of user-generated content and warning companies and employees in real-time when problematic material is shared on social media sites. This ensures immediate action or removal.
This helps to give businesses the safety they want without engaging in illegal activities such as asking employees for social media credentials.
2. Reputation Damage
Posts can build your credibility … or suck the life from your online presence. Both are actually risky, here’s why.
The road to hell is paved with good intentions. Your social-media staff is creative and driven. And those are great qualities. Unfortunately, this can lead to content that might seem funny or timely, but blows up in your company’s face, like the post from Dave & Buster’s below. This happens so often that Gawker has now created a dedicated page to keep track of them all.
Image Credit: Adweek
On the other side, bad intentions just as costly. Posts from the corporate account or from an employee’s personal account attacking your brand can be devastating.
When British entertainment retailer, HMV, decided to lay off 190 employees via mass firing, one employee started live tweeting the activities — directly from the company’s Twitter account. What’s worse, she was the only one with access to the accounts at that time and when her superiors found out what was happening, they had no clue how to stop it.
Protect Yourself: Google Alerts and SocialMention
Luckily for you, there are some free, high-quality tools available for proactive listening online. At the top of the list is Google Alerts, the long trusted tools for getting email or RSS feed alerts when your brand or chosen keywords are mentioned online.
SocialMention is also great for getting an overview of how your brand is perceived online. Plug in a keyword and it returns a stream of mentions, as well as a sentiment score, and a list of the top users of the term. That last insight is great for identifying key influencers.
3. Data Theft
While the focus of this article has mostly been on employees and those within the company, attacks can — and do — come from the outside. Social media is the ultimate playground for hackers and identity thieves. They prey on the vulnerable and the easily swayed to steal passwords and get unauthorized access to accounts.
Smart businesses can stem the likelihood of these intrusions by using social media management tools, like Oktopost, Buffer or Hootsuite, which allow companies to give access to employees and agencies without sharing passwords.
However, with the need for access on multiple devices and some social media platforms (like Instagram and Vine) not offering this function, it can be necessary to share passwords and access with multiple employees.
Most often, it’s these insecure passwords that put companies in a compromising position. By creating simple passwords so that multiple people can remember and use, they make themselves vulnerable to brute force attacks or automated tools and algorithms that continuously guess passwords until the right one is discovered.
Protect Yourself: LastPass and Account Permissions
LastPass is simple. It helps you create random strings of characters to use as strong passwords and manages them in an extension or app so you don’t have to enter them yourself.
If you’re more interested in something that’s easy for you (and your team) to remember, you can use this method from web comic, xckd. (Try using 6 words instead of 4 to make the password even stronger.)
Image Credit: xkcd
Along with setting strong passwords for each of your accounts, remember to continuously keep track of the administrators and account permissions on each account to keep unwanted persons and applications out.
Summary
Social media brings great benefits to the businesses, but it can be exceptionally risky if not properly monitored and protected.
You won’t be able to completely prevent employees from accessing your accounts or sharing the wrong information from theirs, but you can guide them along the right path and use tools to catch any missteps as soon as they happen.
Malicious forces from outside will also test your vulnerability and attempt to gain unauthorized access, but in most cases, they will go away once they see you’re not an easy mark.