Security is not a topic that regularly comes up when discussing brand reputation management, however in a communications environment that increasingly relies on third party social networks it needs to be. Often the management of security for these accounts is not given much thought, however when it fails and a company is compromised the damage is incredibly visible, damaging and costly. A hacked Twitter account can damage your brand so why not take some simple steps to avoid it ever happening?
This post will go through the potential negative brand impact of poorly managed security, some simple rules to follow to avoid issues happening to your brand and some great tools to help you out.
Not important until fatal
Brands engaged in managing social media profiles need to give access to their accounts to numerous internal and external stakeholders. The security around how these accounts are managed is (in my experience) average at best and sometimes outright negligable. From weak passwords through to sharing login information through unencrypted channels like email, marketers and agencies generally don’t pay attention to how venrable they are making their brand.
Security breaches cost money. Most famously, Sony’s Playstation hack in 2011 directly cost the company $170M. There are different kinds of security breaches, Sony’s was your more traditional ‘hacker getting access to your servers’ breach, however there can be breaches to even a Twitter profile. A couple of recent examples illustrate the potential threat pretty well.
- Burger King in Feburary 2013 Burger King’s Twitter account was comprimised. The hackers changed the background image to a Big Mac and began posting Tweets that were either vulgar or directly defamed Burger King.
- Associated Press in what has been deemed the most ‘Priciest Tweet In The World’, hackers caused $136.5Bn to be wiped out of the S&P 500 Index’s value – pictured above.
To avoid the embarresment, pain and expense of a similar breach of your third party accounts just follow a few simple rules:
- Use good passwords the world’s most used passwords is well known (my favorite is ‘monkey’ which has been in the top twenty list since 2009) and used as a first resort by tools that automate password cracking.
- Use unique passwords using the same password for your accounts is a bad idea. No matter how strong your password is you only need someone to compromise it once and they have access to your entire digital identity.
- No one knows your password only have one admin that actually has access to the password. Rather than sharing the password via unsecure channels like email use a service like Lastpass that lets you share passwords with people without revealing what the password is.
- Used multi-factor auth where possible use multi-factor authentication. This requires you to know the password to an account and also to verify your identity with a second method (usually a dongle that gives a code or an sms to your mobile).
Avoiding the pain
So there you have it; a couple of simple steps that will help to avoid a lot of potential pain in the future. Don’t leave your brand’s reputation up to luck!