Preventative Measures to Keep Hackers at Bay
What do Delta, Crayola and Chipotle have in common? All three brands were hacked on social media in the last six months. And not just “forgot your password?” hacked, but NSFW hacked.
Consumer accounts are hacked all the time, sending out “OMG is this you?” links to Facebook friends or posting “weight-loss breakthrough!” pictures on Instagram, but the appeal to gain access to brand accounts is much stronger because it gives hackers a larger digital megaphone. For brands, hacks are not only a threat to their social reputations, but also to their data security and even stock prices.
So how can you keep your brand’s social channels safe? Start with some preventative measures to help keep hackers at bay.
- Limit access. If a person isn’t regularly updating or managing content, he or she doesn’t need to know the passwords to a brand’s channels. Keep your social team small – between two to five people. Having more than one manager makes it easier to gain control in case of a hack, and having less than five makes it easier to identify the cause of the breach.
- Update, secure & encrypt P@$sw0rds. When possible, use symbols, numbers and capitalization in passwords, and change them often, at least once per year. People managing Facebook, Google+, YouTube or other channels that require connection to personal accounts should also change their own passwords regularly.
- Monitor third-party apps. Many social media managers use a measurement tool, a listening platform and a scheduler. On top of that, there are follower analyzers, quizzes and, of course, games. Always know which apps are in use, what purpose they serve and whether or not they have had a breach recently.
- Use a real email address. Major social media networks have algorithms that allow them to automatically email an account manager if they suspect unauthorized activity. That’s only helpful if the email is going to an actual account manager instead of email@example.com.
Unfortunately, all the defensive tactics in the world won’t stop some hackers. As in crisis communications, the best proactive strategy is to develop a reactive plan. Plans will vary by channel, but each should include:
- A process for regaining access
- A list of social media managers to contact and their contact information
- Links to “Help” centers for all platforms (like Facebook’s hacked account page and Twitter’s hacked and compromised account pages) so that you can contact the platforms if you need to shut down accounts
- Systems for alerting fans or followers
- An evaluation step for determining the cause of the hack to prevent it in the future
Have any other tips for keeping channels under lock and key?