Q: I’ve heard horror stories about social media contractors accidentally posting personal remarks to a company’s Twitter or Facebook stream. How do we know we can trust someone not to do this?
A: Before hiring a social media vendor, it’s important to ask what kind of security policies they have in place.
Vendors tend to manage multiple social media accounts for multiple clients. In addition, your vendor’s account managers are also likely maintaining their own personal social media accounts. One sloppy social media mix-up can hurt the reputation of your business. For example, an individual member of KitchenAid’s Twitter team sent out an offensive personal tweet on the official KitchenAid Twitter account in 2012, resulting in negative publicity for the company. You can read more about this error on Mashable.com.
Fortunately, social media mistakes like this one are preventable with some basic rules in place. Here’s a list of social media security rules that we abide by. Rules like these can reduce the risk of costly social media mistakes and help to build trust between business owners and social media vendors.
Social Media Security Rules
- Never manage client social media accounts on a cell phone or mobile device app.
- Use a different password on every account.
- Never use the same social media management tool to manage personal social media accounts and client social media accounts.
- Always log out after using a social media site or social media management tool so that you or others do not inadvertently access a client account.
- Utilize a secure password program (such as 1Password) to log into social media accounts and tools.
- As an extra precaution, set up browser history to automatically delete/clear after the browser is closed.
- When using social media sites or social media management tools, look for client logo icons and user names to verify that you are in the correct account before proceeding.
- When scheduling future posts, double check them for accuracy in the scheduling tool once the post is scheduled.
- Always double check the destination of shortened urls prior to scheduling or issuing live social media posts.
- When issuing live posts, double check the post for accuracy before and after you have issued it. If you make an error, acknowledge the error and correct it quickly.
- Periodically review the list of applications that have access to client Twitter and Facebook accounts, and ensure that these are deleted when not in use.
These social media security rules should be in addition to general company security rules, such as requiring that all computers and mobile devices be protected by passwords, using two-step verification for Gmail, and never emailing passwords.