Organizations of all shapes and sizes have recently been
subject to social media security breaches. Accounts have been hacked, altered,
and used to promulgate unwanted messages. The devastating result has been
tarnished brand reputation and a loss of profile views and followers.social media (network) security - an over-arching term that describes the policies and procedures implemented by a network administrator on social media “to avoid and keep track of unauthorized access, exploitation, modification, or denial of the network and network resources” (Janssen, n.d.).
social media policy
- A social media policy is a corporate code of conduct that provides “guidelines
for employees who post content on the Internet either as part of their job or
as a private person” (Rouse, 2011).
There are 5 easy ways to secure your organization’s social
media channels to ensure that your organization stays protected:
·
Educate
and train employees: If you don’t want employees who are unfamiliar with
social media to be using those platforms due to security risks, then educate
them. Training employees about how to use social media tools helps ensure they
are doing so securely. Structured social media training programs exist. See
this recommended social media training template.
·
Centralize
your social media channels: Perform an audit of all the social media
accounts in your organization. Find out who manages them and who has access to
them. Delete any extraneous accounts and remove permission from anyone who shouldn’t
have it. Use a social media management system.
·
Protect
your passwords: Consider implementing
a password management tool, like LastPass. This tool generates secure passwords that you can use.
·
Develop a
message approval process: Social media management systems allow teams to
check the content of messages for errors and to review every post before it
goes public. This helps instill an appropriate approval process.
·
Have a
crisis plan in place: Train your team to run through various scenarios in
the event that one of your social media accounts were compromised so you are
prepared for the unexpected. Get your social media crisis plan in place.
Social media can be one of your organizations greatest assets or one of its easily vulnerable liabilities. Sound social media policies and security are meant to keep your mind at rest so you can stay focused on engaging audiences through our organization’s social media channels. Protect yourself!
References:
Janssen. (n.d.). Network Security. Retrieved February 24,
2014, from Techopedia website:
Rouse, M. (2011, August). Social Media Policy. Retrieved
February 24, 2014, from SearchCompliance
This comment has been removed by the author.
ReplyDeleteHey Issac,
ReplyDeleteGood post this week, You used images and videos to explain what are the five ways to secure your organizations social media channels in order to protect your organization. Due to the availability of data and in order to make sure that data is protected social media security is very important and a trending topic in the industry.I found a great article on the top 5 social media security threats. Please read the article and give me your thoughts on these potential threats and how you would address them
Article:
http://www.networkworld.com/news/2011/053111-social-media-security.html
Isaac,
ReplyDeleteNice job this week, I really enjoyed your supplemental information as well as reference materials.
I had never looked into LastPass, so thank you for bringing that to my attention. As mentioned on my blog post reply to you, I question the security of social management applications, mainly because they require a single password to access multiple accounts. From an organizational standpoint, that level of security for one password to access multiple accounts as opposed to multiple accounts with multiple passwords seems unsettling.
SHRM developed an excellent business case in which I reference almost daily in my current position. Since you posted several examples of social media policies that are highly respected in the industry, I encourage you to look at the following points that they address as being necessities in a social media policy:
Defines what the organization means when it refers to “social networking.”
Establishes a clear and defined purpose for the policy.
Communicates benefits of social networking and of having a policy.
Provides a clear platform for educating employees.
Takes into consideration any legal consequences of not following laws.
Refers to proprietary and confidential information at risk.
Talks about productivity in terms of social networking.
Establishes expected behavioral norms in the use of social networking.
Provides guidance regarding social networking that could be associated with the organization, employees or customers. Some employers may prohibit posting of company information on social networking sites without the employer’s explicit consent.
Outlines disciplinary measures the employer will take if employees violate social media policy. (2012)
Do you feel that the examples you provided coincide with SHRM? Is there anything that you feel the organizations could improve on, or are they still model examples of social policies?
References:
Daniel, T. (2012, December 5). Managing and Leveraging Workplace Use of Social Media. Retrieved on February 26, 2014 from SHRM: http://www.shrm.org/templatestools/toolkits/pages/managingsocialmedia.aspx
Thanks for the comment. Personally, I feel that Ford's social media policy does coincide with SHRM. I also feel that their policy in particular does a good job of highlighting the need for exercising responsibility when employees post online. The one thing that I couldn't find apparent in Ford's policy initially was the emphasis on the power of social media as a tool to advance Ford's mission. I think it's a missed opportunity when policies don't clearly set the vision of what can happen through positive social media engagement and usage. Zappos and other companies tend to be more innovative in their presentation and open in their approach.
DeleteWhat is the best social media policy you have seen from a professional standpoint?
I have to say IBM has set the bar high for social media policies. As one of the innovators of corporate internal social networking, they were able to develop the policy internally, then extending the same qualifications to external platforms. They were one of the first organizations to develop a social policy, and have since inception, have changed their policy to reflect changes and updates with newer social technology.
DeleteI think that piece is so extremely important. When an organization is socially responsible, they will realize that a social media policy from 6 months ago might not be relevant today. As social platforms continue to expand on their features and functionality, and the viral effect of new platforms, organizations must be educated on their capabilities and address them accordingly in an updated social media policy.
Have you seen any organizations impacted negatively from not updating their social policy? For example, if they did not address potential interactions on Instagram, Vine or other newer platforms?
Saurav,
ReplyDeleteThanks for forwarding the article. below are my responses:
Mobile apps
Mobile apps pose a huge threat with malware.
Recommendation: research every mobile app before downloading to verify authenticity.
Social engineering
This is especially popular via email.
Recommendation: never give out personal information online to unknown parties – ever!
Social networking sites
There are too many threats here to mention but Facebook apps and Twitter links come to mind.
Recommendation: never install an app you haven’t researched and be careful of clicking on unknown twitter links.
Your employees
Employees pose a great risk to brand reputation of the company or organization they represent.
Recommendation: invest in training and making social media policies and expectations clear.
Lack of a social media policy
It’s just stupid not to have one.
What threats do you feel exist specifically for nonprofits or higher education on social media channels?
Hey Issac,
DeleteSome unique suggestions you gave here. Mobile apps do contain a lot of malware but unfortunately a lot of people are downloading them because of the ease of access. Lot of websites are using mobile apps and people are downloading them due to the convenience of using them on their phone and not having to log in through a PC or Mac. I agree you should not give out any information online to unknown parties as that will make you vulnerable to identity theft and other items that will endanger your wellbeing. Great point on training and developing employees and making them aware about social media and other policies. For nonprofits and higher education the threats that exist on social media sites include giving away information that is pertinent to the institution and that is confidential.
Please review this website as it provides some great facts
http://www.websense.com/content/higher-education-solutions.aspx
My blog is not letting me reply to people's comments tonight - weird. I guess I will have to visit other blogs and engage.
ReplyDeleteIsaac,
ReplyDeleteNice blog post this week! The focus on policy breaks down ways in which companies can easily monitor social media and takes the the fear out of it. Do you think the program LastPass offers has the ability to be hacked?
My last company had a small device that had a number code that changed the password to my access to the intranet they had. Do you think something like this could be wise for use with social media, or is it too dated?
Courtney,
DeleteI do believe LastPass is a secure way to manage passwords without being hacked. I think the technology you indicated about changing codes is a great idea as well. Real estate professionals use similar technology to access very private and important information. I also have a friend in sales who is using the technology you mentioned.
I"m not sure if it will work in social media management. What are the most useful tools you use at work for security on social media?
Isaac,
ReplyDeleteThanks to your video you posted this week, I have found an incredible resource to help my nonprofit! HooteSuite has been a useful tool for my own social media management, but tehy provide excellent resources for organizations. They have a guide called: Compliance Guide
Ensure Social Media Compliance Across Your Organization. You can find it here: http://blog.hootsuite.com/compliance-guide/
Once I downloaded this concise and informative document, I have found some key tips in managing my nonprofit's social media security.
Some key take aways from this compliance guide were:
-Categorize each account for analysis and reporting. We all know that analysis is a great way to support efforts and improve capabilities.
-Employee education. This section really helped me organize a training process for my central office and board members.
I'm so excited about what I have learn in this short document and I encourage others to take a look and see what they can enhance for thier organization.
Thank you,
Becky
Rebecca,
ReplyDeleteThanks for sharing. I like the content in the article that outlines the need to identify content creators and the ease with which Hootsuite allows designated people to control administrative privileges. This allows a company or organization to choose the sort of social media organizational structure that they desire and then the software capabilities to manage the desired structure.
How have you used Hootsuite and what did you find most compelling and helpful in the nonprofit world (that's my world as well).
Thanks.
Isaac
Isaac,
DeleteI recall in one of our previous classes us sharing a common sector. HootSuite provides a 20% discount for nonprofits. HootSuite will enable us to manage our few social media platforms all in one place. The benefits help us manage awareness campaigns and many public outreach initiatives. We need to further some staff on the training of our social media platforms, to take the responsibility off of the board members. We look forward to finding more and more benefits that come with our use of the product.
Do you have any managing platforms that you use for your nonprofit? What social media platforms does your nonprofit stay away from?
-Becky
Isaac,
ReplyDeleteI thought you did a great job with this weeks blog post. You were able to relate the reading with great examples in an interesting way! I also thought your five points were spot on. Those five steps can truly be used to implement social media security for personal or business use, in the process leading the way for future success. I would like to also point out one of the steps you mentioned. The idea of developing a message approval process seems to be left out of companies social media plans. I'm not sure if it's because they truly trust whoever is operating these accounts or they never thought of it, but it's obvious when companies leave this system of "checks and balances" out. One brand that may rethink their approval process is SpaghettiOs. Back in December, the brand made a tweet in remember Pearl Harbor. The tweet featured a SpaghettiO licking his lips with a happy grin and holding the American flag. Even though the tweet was made in good nature, it was taken a different way by their audience. Thousands of people retweeted it, noting its jarring tone, given the gravity of Pearl of Harbor, where thousands of Americans lost their lives (Associated Press, 2013). Eventually Campbell Soup, the parent company of the brand, called for the tweet to be taken down. Later, both SpaghettiOs and Campbell Soup offered apologizes for the tweet over Twitter (Associated Press, 2014). This whole situation could have been avoided if they had a proper internal message approval system!
Source:
Uh-oh spaghettios: Food company deletes pearl harbor tweet in poor taste. (2013, December 07). Retrieved from http://triblive.com/news/editorspicks/5214076-74/tweet-harbor-pearl
Pat -
DeleteI completely agree with you on the need for message approval systems. In fact, at my workplace (nonprofit), we were just talking about the essential need of this so our brand's voice and tone stay consistent. It seems like management entrusts this to the social media managers, but unless this is clear and well defined, social media channels can lack consistency and effectiveness. Do you have some examples of social media message approval models that you have seen work at companies or organizations?
Saurav,
ReplyDeleteI like the article and agree with the assessment that social media requires one to stay on top of the latest developments in privacy and security. I am a fir believer in this and the need, given our cultural reality.
Thanks for sharing!
Issac,
ReplyDeleteThank you for taking part in this weeks discussion. Social Media is a fun and collaborative environment where consumers as well as businesses engage in order to facilitate effective two way communication. As you indicated in your original post, companies that want to ensure there employees are knowledgeable a strong social media policy is key as it provides guidance to them.As Rouse states, a social media policy is a corporate code of conduct that provides “guidelines for employees who post content on the Internet either as part of their job or as a private person” (Rouse, 2011). I believe with these guidelines and the five easy ways that was discussed in your original post on how to protect data, companies will have an easier time protecting confidential data.
Reference:
Rouse, M. (2011, August). Social Media Policy. Retrieved February 24, 2014, from SearchCompliance
website: http://searchcompliance.techtarget.com/definition/social-media-policy
Hi Isaac,
ReplyDeleteI enjoy reading your posts and your insights into the subject matter. Your POV comes across in your strong writing style. I hope you continue this blog after class is over, I'd like to keep learning from you.
In Team 4, Meagan DiMarco's post this week highlighted some key ingredients for effective social media policies, such as managing internal and external hosted applications and the importance of monitoring tools. This is similar to the 5 ways you listed to secure social media channels, especially centralizing the channels and developing a message approval process. Check out her post if you haven’t, it’s a great read: http://socialmediameg.blogspot.com/2014/02/what-happens-in-vegas-stays-on-youtube.html#comment-form.
The 5 steps you laid out are so effective, as it covers both internal and external communications. The article you shared, An outline of a Social Media training plan, highlights the importance of authenticity and the need for a consistent tone of voice on all sites so there is not “a gap between how users perceive the company versus how the company speaks for itself” (Adams, 2012). I think this need for a consistent voice is also crucial for internal communications, in order to lead by example and ensure employees are on the same page as the organization in terms of security standards. As the article further states, it’s vital to make sure what an organization nails down what it “wants to say, how it says it, and to whom”, and without these aspects run the risk of not following its own strategy or procedures (Adams, 2012). Thanks for sharing that article, it was a great read.
References
Adams, B. (2012, August 15). An outline of a Social Media training plan. State of Digital. Retrieved from http://www.stateofdigital.com/an-outline-of-a-social-media-training-plan/
HI Isaac,
ReplyDeleteNice Post! I did not know much about last pass. I am reading a lot about how important security breach is becoming in the digital world. Great video on preparing an effective social media plan. I really enjoy your blog each week. Your insight is very well organized and helpful. The five steps you laid out are essential to managing social media security. You made a great point about the use of a message approval system. Very important tactic for an organization to use internally or externally. I look forward to your blog every week.
Thanks Kenya. Message approval system is an important aspect of keeping a brand's identity and tone of voice. What other methods, if any, have you used to secure social media channels?
DeleteWaw...Nice information thanks for sharing this wonderful article about Network Security
ReplyDelete