Agent efficiency, automation, and operational insights
Participation in social media is more or less a necessity for companies today. At the same time, your brand’s presence on these platforms inherently invites risk to your business’s reputation and security. And as organizations build their presence across social platforms to engage and serve customers, the scale and complexity of their social media operations will continue to grow, as will the associated risks.
To mitigate these risks, prevent social media emergencies, and stop social media crises in their tracks, it’s important to have a social media risk management plan as part of your digital marketing strategy.
To help your brand enforce protective security measures across your social media channels, our SMM experts at Khoros have assembled a six-step social media risk management plan.
Let’s get started.
Social media phishing occurs when a malicious third-party attempts to impersonate a brand and communicate with customers to get them to reveal sensitive personal information. On social media, some individuals will create fake brand accounts and publish posts designed to look like promotional offers using the same language used by the actual organization.
By clicking on the link, the consumer may enable the impersonator to access sensitive information such as company passwords and credit card numbers. Alternatively, some users will create fake accounts and respond to messages directed at the real brand, asking users to send personal information like in this example from a fake Verizon account.
Even if your brand accounts are secure, you should practice social media monitoring to quickly identify and report these scammers or risk their activities giving your brand a bad reputation.
Did you know that an eight-character password can be cracked in under eight hours? Meanwhile, according to LMG Security, it takes eight years to crack a 10-character password, and 77,000 years to crack a twelve-character password.
When choosing passwords for social media accounts, it can be tempting to opt for efficiency over security, choosing short, easy-to-remember passwords that are easy to share between platforms. Unfortunately, this practice makes your brand vulnerable to hackers, and this can have serious consequences; you're placing your brand's information in harm's way. You're also putting the sensitive customer information shared in private messages at risk, too.
Adding even a few extra characters can mean a lot more security, and secure password management software can help you gain back any efficiency lost by making passwords more complicated.
Brands must follow advertising regulations, industry standards, social media platform guidelines, contractual agreements with their partners, and internal rules. If your social media content is not being reviewed by the right people before it is posted, it ultimately may get into legal trouble or be removed from the platform entirely, costing you revenue, damaging your brand’s reputation, fueling a potential PR fiasco.
The internet can be a complicated place. And as we’ve seen time and time again, public sentiment can turn on a dime when something goes wrong. We mentioned that fake accounts are associated with phishing and scams, but they also pose a risk to your brand reputation.
Through fake accounts, users can impersonate brands and post content that’s malicious or uncharacteristic of the brand’s beliefs. For example, a user created the following fake account for Pepsi and posted a message “Coke is better” that received more than 3,000 likes and 700 retweets.
Should any of the above occur, your brand reputation could suffer — sometimes significantly — especially if issues are not handled quickly and professionally. That’s why it’s important for brands to utilize social media monitoring to identify impersonators before false messages go viral.
The objectives of your social media risk management plan should clearly outline exactly how your organization will proactively mitigate risks associated with social media, including content publishing breaches, user access, and disparate credentialing documents living in various areas that pose a security risk.
Your committee should document how your brand will proactively avoid risks and establish workflows when issues do occur. You will want to formally designate what roles in your corporation handle each step in these processes, and what is expected of the employees in this role. It is essential that those who handle these responsibilities understand the goal and value of your risk management plan, so ensure language used in documenting your plan and conveying responsibilities is clear and concise.
Moving forward, you’ll need to decide who has access to which accounts and what access level is appropriate for each individual. Depending on what social media platforms you are using, you may be able to limit permissions. If there are technological limitations, may have to set additional organizational rules.
For example, granting a marketing employee access to publish posts may also enable them to respond to private messages, even if you only want your customer service team to handle these interactions. Make the guidelines clear so that each person knows exactly what they are and are not allowed to post and engage on the brand’s behalf.
Beyond platform access and permission levels, make sure each employee is educated on the broader social media risk management policy so they understand the big picture and reasoning behind these precautions. Doing this will ensure nobody takes a shortcut when it’s time to create a new password or share access through an unsecured method.
It's important that everyone in your organization knows they have a responsibility and role to play in keeping the brand safe on social media.
At this stage, your social media risk management framework should be in place, but note that it will require regular maintenance.