These days, if your business doesn’t have a presence on social media – whether that’s Twitter, Facebook or LinkedIn – you’re missing a trick. It’s becoming a vital way to connect with customers. However, it also creates a vulnerability that you might not be considering.
Social media teams should follow cybersecurity best practices
Most corporate social media accounts are managed by in-house PR or marketing teams. In some cases, they might be managed by external agencies. However, often these social media accounts have no oversight from the company’s cybersecurity teams to ensure they are following best practices. This includes creating strong passwords, using multi-factor authentication, or undertaking real-time monitoring to detect potential compromise.
Whilst it can feel annoying to have these extra layers of security in place, particularly when multiple people need access to the accounts, it’s crucial to ensure that social media doesn’t become the chink in the company’s armour against cybercriminals.
Why is security oversight of social media important?
Hackers can get a lot of information via social media platforms – personal contact details, login details etc. Once criminals have this information, it doesn’t take much to hijack accounts which, for companies, could be very damaging for brand image and stock value.
And social media companies are targets for hackers, who are always looking out for ways to crack their security. In January 2022, a vulnerability in Twitter allowed attackers to access phone numbers and emails associated with users. A database of 5.4m users is now for sale on the dark web. And Facebook Business accounts have recently been the target of a new malware operation dubbed “Ducktail”
As a result, it’s crucial to consider social media within your overall cybersecurity strategy, and ensure staff and contractors using it are following best practices set by your security teams.