Being on social media is essential for growing your business in 2019. There are billions of people signing into their accounts every day who are eager to learn about your products and services. Okay, maybe not billions seeing your page specifically, but the customers you want to find are definitely there.
However, as you should be anywhere online, you need be very vigilant with protecting your social media accounts. It may seem as simple as not giving out your login details and ensuring you have security software, but there are some crafty people out there. Luckily, we’re here with the information you need to keep your accounts safe and sound.
If you have staff with access to your business accounts, you’ll want to ensure their personal accounts follow these tips too. Share this article with them to keep them in the loop.
Secure Your Email Accounts (Even Ones Not Attached to Your Social Media)
Before setting up a social media account or giving anyone access to your business’s accounts, ensure every email is secure. Many of the suggestions we give below can also be applied to an email account, such as multi-factor authentication and creating a tricky password.
If your email account is not secure, someone can hack the account and potentially reset your social media login information. It will also stop them gaining access to any sensitive information you store on your email platform.
Add User Permissions—Don’t Give Out Passwords
Never, ever give out your password to anyone. Thanks to various roles on Facebook Business Pages, there’s actually no need for it. You can control what access your staff have to your page and can instantly remove them if you no longer want them on there (like if they leave your business). From admin, that gives them full access and privileges, to editor, that only lets them post, you can dictate their access and reduce risk. Here are Facebook’s instructions for adding a user.
You can also do this for Instagram.
Secure Your Passwords & Change Them Often
The ABC exposed the password 123456 as being breached 20,760,336 times. Your password is not only how a website or program identifies you as a particular user—it stops people from accessing your account too. So, make it hard to guess.
What to avoid in your passwords:
- Using the same password more than once.
- The word ‘password’.
- Sequences, such as abc or 123.
- Family names or special occasion dates.
- Favourite numbers, colours or words.
- Common phrases.
How to make a strong password:
- Make your password as long as possible.
- Use a combination of capital and lowercase letters, numbers and characters (eg. !f!C0ULdFly_IW0ulDV!s&T_PlUtO [If I could fly, I would visit Pluto]).
- Create a unique password for every account.
- Play with patterns and uncommon phrases.
Change your password every few months or every time a staff member leaves.
See below for how to remember tricky passwords.
Establish A Two-Factor Authentication on Every Social Media Platform
Multi-factor authentication may create some hoops for you to jump through before you can sign into your social, but it does for hackers too. If your email address is compromised, it’s super easy for someone else to reset any passwords linked to that email account. Whereas if you had SMS verification turned on too, they would need to have your mobile phone in hand to gain access.
The way it works is that once you sign in with your password, you’ll receive a code by text to enter before you can sign in. Someone would have to be very crafty to jump that hoop.
Here as some guides on how to setup two-factor authentication on:
Enable Unrecognised Login Notifications
Say someone does hack any of your social media accounts, you won’t know until a friend or family member tells you or until the next time you login. Login attempt notifications will send you an email or SMS to tell you if an unrecognised device has tried to access your account. For example, if you sign into your Facebook on a new computer, you’ll receive an alert. If someone from Russia tries to hack your account, you’ll know.
This gives you a head start on retrieving your accounts back as soon as possible.
Secure Your Login information
If you store your passwords online, such as in a Google Doc, they’re easier to access. Many people use the ol’ post-it note under the keyboard trick or inside the front cover of a notebook, but those can be stolen too. So, where do you keep your passwords? Well, digital safes are one option.
Most virus protection software providers will provide some sort of digital password safe. They normally work by storing your passwords on an encrypted file on your computer, so only you can access your password. Either that or buy an actual safe.
Use a VPN, if Concerned
This one is a little more technical but it’s still useful to know.
A virtual private network (VPN) creates an encrypted cyber tunnel to hide your online activity, including logging into social media platforms and websites. It sounds a little shifty, and sometimes it’s used for dodgy activities, but for you, it will hide your login details.
You will almost surely need to pay for a VPN, however, not as much as you’d think. Some VPNs have a lifetime cost or for as little as $2 a month. Always read through their policies thoroughly to ensure they do not store information. There is always the risk of breach, so you don’t want your information sitting there waiting for unwelcome eyes.
You’ll also only want to use website on a secure network. This article about SSL certificates explained how to ensure you are.
What to Do if You’re Social Media is Hacked
Don’t worry, not all hope is lost. Firstly, whatever you do, don’t pay a ransom. It rarely works. Next, do not engage with the hackers as this can lead to inappropriate content being posted on your social media accounts. Here’s what you should do the second you realise your account has been compromised:
- Try and reset your password and regain access.
- If you cannot regain access, attempt to post a notification to your follows on another platform to alert them.
- Check your other social media accounts and change their passwords.
- Log out of any apps or websites you log into using the platform.
- Inspect your bank account for any unknown purchases.
- Contact any joint users to see if they have access.
- Report the hack to the social media platform.
If you have lost access to your account, it may take several days to retrieve access. Some businesses have never been able to gain access again, so it’s better to be better safe than sorry.