Five Tips to Keep Your Brand Hack-Free in Social Media

Rule 1: Make Sure Your Passwords Are Strong and Don't Email Them

By Published on .

Most Popular

Last week's hacking of the Jeep and Burger King Twitter accounts highlighted just how vulnerable brands can be when building out marketing channels on what are essentially consumer platforms. Here, some security tips to minimize your company's risk of being hacked, courtesy of digital agency Deep Focus.

Store securely
Free tools like KeePass can store personal logins in an encrypted file. Services like LastPass can do the same while enabling remote access. Don't keep a shared file of log-ins or disseminate them in a spreadsheet on Dropbox.

Have a gatekeeper
Master accounts should be managed by a senior owner for the brand only. If someone requests access to master accounts and brand pages alike, send them to the gatekeeper.

Be stingy
Only grant access to logins and brand pages to those who absolutely need it. For Facebook pages, grant the lowest level of permission needed for someone to do his or her job. For example, a media partner who needs Facebook Insights access shouldn't have permissions to enable him or her to handle content on your pages. If someone needs temporary access, set a calendar reminder to remind you to remove it when they're done.

Keep it professional
Create a Facebook account strictly for work. (Most agencies already know to have employees do this, but there's room for improvement on the client side.) Only accept friend requests from co-workers and vendors working on your brand pages, and restrict all sharing settings to the maximum degree of privacy. Don't log in on a mobile device unless it's absolutely necessary, and and sign out immediately when you're done.

Use the tools you have
Audit the settings in all of your accounts. Enable two-factor authentication for Facebook -- which requires users to verify their identity by responding to a text in order to access their account from a new device -- and update your Twitter settings to require verification for password changes.

In this article: