If you’re a banker, there’s a pretty good chance you’ve been there, done that, and gotten the t-shirt when it comes to understanding social media risk. Regulatory compliance – check. Reputation management – check. But there is one more shadowy figure that has stepped into the spotlight in the last few years: cybersecurity. Even though security breaches aren’t necessarily associated with social media use, adding any element that introduces a third party can be a potential threat. The most recent breach occurred in July 2017 when Equifax was hit by a record-breaking hack that affected as many as 2.5 million people.
While the risk (and the price tag to avoid it) might be scary, it’s much scarier to avoid social media out of fear. Forty-four percent of affluent consumers engage with financial institutions on social media, and 90 percent of people would recommend a brand after interacting with them online. Avoidance is not an option. Your best course of action? Prevention. October is National Cybersecurity Awareness Month, and therefore a perfect time to evaluate your social media risk management program.
Several years ago, Russian hackers executed a large-scale breach, nabbing 1.2 billion username and password combinations, and 500 million email addresses from 420,000 web and FTP sites. It seems so simple, but maintaining a tight hold on passwords can make all the difference. Here are a few tips to avoid password problems:
- “Password” is not a password. They should be 6 to 8 characters, include a mixture of numbers and letters, capitals and lowercase, and characters.
- Passwords should change a minimum of every 3 months, and after an employee with access leaves the company.
- Only grant access to your social media accounts through a social media management and compliance tool.
Social Media Account Access
We've all heard stories of corporate accounts being hacked, sometimes by internal sources. In January 2013, entertainment company HMV’s mass layoffs were chronicled on Twitter by an intern who had access to the company account. Messages detailing the layoffs were sent to the company’s 70,000 followers before the marketing director managed to regain control of the situation, but the damage had been done. Rule #1 to securing your social media accounts is - don't share your social media passwords with your employees. Only high-level employees should have the keys to the social media castle. With social media management and compliance software, you can register your social media accounts and assign access to your team. Set permission levels and filtering rules, and revoke access with the click of a button.
There is no better way to know if your brand has been compromised than by keeping an eye on your social networks at all times. Using a social media monitoring tool, you can easily search for your brand name, hashtags and other relevant information to see who is saying what across the web and social media. The sooner you know your account has been compromised, the sooner you can implement your social media crisis plan and regain control of the conversation – and your reputation.
At the end of the day, a security breach can happen just by opening an email – it’s a sign of the times. But you can make sure your data, and that of your customers, is protected with something as simple as unique passwords. Additionally, consider whether your social media risk management program includes the correct governance, processes, training, and systems as outlined by the FFIEC. Download The Banker’s Guide to Social Media Risk Management Programs for tips on how to get started.
Read More Articles Like This:
Digital ER – How to Triage, Treat, and Discharge Social Media Crises
Your Bank is Social, Now What? 11 Ways to Protect Your Online Rep
Protect Your Brand from Bad Language