There are a million and one ways your business can become vulnerable to internal and external threats. Some you can prevent, while others you just have to take as they come. But for those threats you can prevent, you should have policies and procedures established. Like for social media… but more specifically, the social media profiles for your business.
Here are a few things you should keep in mind.
Vindictive Employees
If an employee gets fired, you never really know what they’re capable of. You should already have a set procedure that details what should happen when an employee is let go – as far as credentials and access is concerned. But, you should take this a step further and incorporate your social media profiles. If an employee is fired and they still have the ability to access your Facebook or LinkedIn accounts, they could potentially post inappropriate photos or comments to your pages. Don’t allow this to happen.
Account Security
Just as you would any normal business or personal online account, you should keep your company’s social media profiles secure with good logins and online habits. The passwords for these accounts should be unique, strong, and updated on a consistent basis. And you should never leave your company logged into a social profile on any public computer or device. You don’t want some random person accessing your company profiles and posting who knows what.
Social Engineering
For those of your employees who have access to your social media profiles, they should be aware of the fact that cyber threats can piggyback off social media outlets. You could potentially get a phishing email inside Facebook – where a cyber-criminal would use social engineering techniques to extract sensitive information from you or your employees. Or you might receive a phishing email in your regular inbox but with regards to your Facebook account. Employees should be on guard with any communication they receive that references social media logins or credentials.
Social Media Policies
Another piece you should consider is which employees are allowed to do what on your profiles. Can they post to your page or can they just monitor communication? Can they edit information and change parts of your profile? What are they allowed to post and when can they do this? While this might not leave your business vulnerable to security threats, it can affect your reputation. Make sure your staff is fully aware of who can do what and why.