Five Ways to Keep Your Association’s Social Media Accounts Safe
With the need for many teams and stakeholders to have access to your social media accounts, it’s important to have strategies to ensure your accounts are managed carefully. Read on for a few tips.
When it comes to social media management for brands, two things are generally true: One, it’s important to curate the platform carefully; and two, multiple people may need access to the account.
It creates a lot of natural risk for something that’s very much front-facing, and it can run into dangers as diverse as phishing to disgruntled employees.
So what’s a good association to do? A few ideas worth keeping in mind:
Keep a point person or two in charge of what gets shared. Your social media person should play point on the entire account—not just in writing the posts but also in ensuring that different parts of the organization have their messages shared on different platforms. By keeping an account under the primary control of a single person or a small team, it also helps security by ensuring that account information is being shared with smaller groups of people. With that in mind, Business News Daily writer Saige Driver notes that it’s important that more than one person know the password. “While you want to limit the number of people with access to your accounts, more than one person should know the password,” Driver says. “If only one person has access to an account and they’re fired, it will be a hassle regaining control of the account.”
Use a social media scheduling tool. The average user might share social media information on a raw account, but that probably doesn’t make sense for a company or broader organization that needs to manage a whole lot of content—or deal with lots of interactions. This is where something like Buffer or Sprout Social might come in handy—often, these tools can handle the need for a lot of hands to contribute to a single account while ensuring that the hands aren’t able to do things like, say, change the account’s avatar or password. Be sure to set roles for each user based on the needed level of account access.
Make sure your account’s contact information is up to date. Inevitably, people leave an organization, and if for some reason something happens to the account that requires the use of their phone number or email address, you could be in big trouble. Make sure you do a periodic audit of your key social media accounts to ensure that the person in charge of keeping your account online is the person actually attached to the account.
Use a password manager or single-sign-on tool. If you do need to share a password with a group of people, put it behind layers of security so the login is obfuscated. Smaller organizations might be able to use password managers such as 1Password, which include built-in team management options; larger ones may want to use a single-sign-on (SSO) tool like Okta to manage the login information in a way that adds standard security to any shared accounts. “If we leave password management up to the individual, there’s simply no practical way for them to memorize such a large quantity of unique, complex passwords,” Heinan Landa writes on The Business Journals. “They’ll either repeat the weak passwords they already have memorized across corporate accounts, or they’ll come up with new passwords that they have to write down somewhere in order to keep track. They don’t have any other choice.”
If you’re not using a tool, disconnect it. Often, social media requires additional applications for things like analytics and account management. But over time, those tools can prove a liability by increasing the surface a spammer or hacker could use to attack an account, LastPass writer Amber Gott notes. “Only allow access to apps that are trusted, and regularly review your settings to remove unneeded apps,” she explains. “In Twitter, for example, go to your account’s Application page and click ‘revoke access’ for each app.”
(Tero Vesalainen/iStock/Getty Images Plus)