Social media is now the window to any business. 83% of organizations use social media as a marketing tactic, making it the most popular marketing tool. It is updated far more regularly than any website and businesses build a following based on publishing engaging content regularly.
While businesses see the importance of using social media to quickly build their brand and reputation, there has been little emphasis on the downside to this. How social media can destroy a company’s reputation in an instant.
With just the slip of a finger, an organization can go from a well-respected brand to the center of a Twitter-fueled hate campaign. For example, in 2011, an employee at Chrysler sent out a tweet on the company Twitter feed that contained expletives about driving capabilities in Detroit. This sparked outrage, both on social media and with the press and a statement of apology had to be issued as well as the employee getting fired for ruining the brand’s reputation.
The weight social media holds in both a social and corporate settings has become so great but many of the safeguards aren’t keeping pace with the level of innovation in the field of social media. Despite corporate social profiles being used far more than company websites, there are not the same amount of controls in place to secure the platforms. Taking into consideration the fact that there are also far more ways for employees to be interacting with social media than web – threats could come from employees with access to the corporate accounts, employees connected to business social accounts via their personal accounts or members of the c-suite acting as the face of the company who both use their personal profile to share company updates and feature on the corporate account as spokespeople – this poses a further need for controls and policies to be put in place.
There are a number of ways to enforce controls to ensure corporate social media accounts are secured. The first step is for companies to analyze the potential threat. Asking questions like ‘what social platforms is the company using?’ ‘what are the risks associated with each social platform?’ ‘who has administrative access to these corporate social accounts?’ Only then can businesses start to create and design controls that work for the organization.
Awareness is key
At the heart of any business’s social media strategy should be employee awareness. Employees are the ones that post, share and engage with corporate accounts and most employees are connected or associated with their company via LinkedIn. Ensuring that employees know the risks associated with corporate social media is key to securing the accounts. Educating the workforce on how damaging something like sending a private message publicly or posting an inappropriate image can be to the business will be a vital first step. In addition, ensuring employees know the external threat of accessing personal social media on corporate devices is also crucial. For example, many cyber criminals will use LinkedIn and recruitment-type posts to fool employees into clicking on a malicious link that contains malware. This will ultimately steal company data and has the potential to cause huge financial and reputational damage.
Policies must be enforced
As well as changing attitudes within the company about the frivolous use of social media, processes and policies need to be put in place to ensure mistakes are minimized. For example, something as simple as having a process in place whereby all content that will be shared on social media is reviewed internally before being posted will ensure that anything that does not align with company values can be caught before it causes any reputational damage.
A safety net for the web
While the most important aspects of securing corporate social accounts sit with education and internal policies, technology can be implemented as a last line of defense. Technology can be used to mitigate both sides of social media threats - the malicious and the accidental. The first is Adaptive Redaction (AR) that remove malicious – or potentially malicious – content from any web links. If an employee is using social media on a corporate device, such as their laptop, AR has the ability to remove the potential issue before it is accessed via the corporate network.
Secondly, Clearswift’s Secure Web Gateway has the ability to monitor content as it is being shared on social media from inside the organization, meaning that anything potentially damaging can be blocked before it causes a problem. The gateway can decline or change anything that is not appropriate for posting.