Social network hacks have been making the headlines recently. Most notably, two major corporations, Burger King and Jeep, both had their Twitter accounts hacked into and their pages' designs altered, along with some less-than-clever obscenity-laden tweets. Both companies resolved their issues within a day, but not before making national news and, in a turn of good fortune, earning thousands of new followers in the process.
Moreover, emails were sent out to specific Tumblr users last week (your author included), notifying them that some of their account information may have been exposed because of a security breach of the microblogging site's customer service software provider, Zendesk. In addition, both Pinterest and Twitter may have been affected by this breach.
If you've been paying attention, you'll know that these types of hacks are clearly increasing in both frequency and severity. Until recently, these types of large-scale, newsworthy hacks (or "security breaches," if you prefer the euphemism) were relegated primarily to the websites of large organizations or entities (think: the time that the hacker group Anonymous broke into the various websites owned by the Syrian government). And so far, most of these social media-related breaches were also aimed at huge enterprise-level businesses.
However, as companies begin to, somewhat out of necessity, expand their Web presence beyond just their sites to various social networks and other websites related to their industries, the opportunities to experience a breach increases as well. Add to that a growing number of people with the time and ability to hack these accounts, and suddenly this emerging issue could become a concern for medium-sized businesses, and perhaps even some smaller ones too.
Of course, we're not trying to scare anybody here, but it's definitely a good idea to be aware of the possibility that one of your social accounts could be hacked - and to be prepared for it. Businesses of all shapes and sizes could benefit from following a few simple rules to ensure that their online properties and digital presence remain safe and secure for years to come. Just consider the following:
Although a strong password may be more difficult to remember, it can also help prevent security breaches. A few best practices to remember when selecting a password are to make it at least seven characters long, avoid using obvious terms (ex. company's name, date it was founded, street name, etc.) and to use a variation of characters, including uppercase and lowercase letters, numbers and symbols.
Often times, companies have multiple employees monitoring and managing their social accounts, which could pose a problem if these individuals aren't trustworthy. That being said, you can allow employees to manage accounts without giving out password information by specifying employee duties within the "Admin Roles" menu for Facebook Pages. In addition, platforms like HootSuite also allow companies to leverage permission-based profiles.
While Twitter doesn't offer this type of security feature (yet), other platforms do, such as Facebook and Google. This feature adds an extra layer of security to accounts because it requires users to enter a unique code, typically sent to a verified email address or mobile phone, when logging into an account from an unrecognized device.
Protect all of your accounts by using different passwords for each one. By doing this, you won't have to worry about the security of your Facebook and LinkedIn accounts if your Twitter account has been hacked.
Just because you have a strong password doesn't mean you can keep it forever. In fact, it is a best practice to change your password at least once every six months. However, feel free to do it even more frequently if you want.
It is not always possible to prevent a security breach, as seen by the recent attacks on big-name companies. This is why every business should take time to create an emergency plan that outlines acceptable procedures to implement in the event of a hack. These plans should include contact information for anyone who should be notified about the attack (both in your company and at the social networks), a process for handling public complaints/questions and an outline of a press statement acknowledging the breach.
Michael Garrity is an Associate Editor at Website Magazine, focusing primarily on search, design and development and affiliate marketing.
Allison Howen is an Associate Editor at Website Magazine, writing primarily about ecommerce and social media.