While cyber security usually focuses on protecting potential threats to your email accounts or websites, social media is just as important.
Social media can be a huge benefit for public sector entities, not just for the private sector and personal brands. These platforms allow your organization to engage and connect with your community. These communications can range from event awareness to emergency alerts and everything in between.
Even though social media is a great tool for agencies, the 2018 Social Government Benchmark Report showed only 39% of public sector social media officials feel confident about their own security practices on these platforms. This low confidence boils down to lacking an emergency plan and training in case of a cyber security breach.
Proper security practices and an emergency plan will help your team feel confident and empowered to handle the worst-case scenarios when it comes to cyber security on social media. Here are our five recommended steps to start preparing your team:
Perform an Audit
Before you start creating rules and regulations for your social media accounts, you’ll first need to perform a social media audit to see where your organization currently stands. Dive into your accounts and see which current and former employees have access, which third party apps your team has connected with each social profile, and if there are any unused or dormant social media pages for your organization. After evaluation, you can now figure out what to focus on when moving forward towards improving your agency’s online security.
Organize Team Access Levels
Workflow processes for any team in your organization’s day-to-day responsibilities are important, and social media is no exception. You’ll need to implement certain permissions and approval levels for each user on your social media accounts. In order to improve your security, ensuring only trusted employees have access to your accounts is critical. Establishing a workflow helps you consistently keep track of activities across your accounts. Careless staff members are some of the biggest threats to cyber security, so ensuring these specific permissions are in place will help minimize any potential mistakes that could risk your organization’s online security.
Enforce Multi-Step Authentication Procedures
Requiring multiple forms of identification in order to log in to your social media accounts is highly recommended. In addition, designate someone in charge who will receive and approve notifications for new devices and failed login attempts.
Build an Emergency Response Plan
If something does go wrong and your social media accounts are compromised, do you have an emergency response plan in place? Your team needs to have a strategy mapped out to help you react appropriately when passwords need to be changed and how to reclaim compromised accounts. You will also need to communicate with your audience and leadership team effectively to let them know exactly what happened, how you fixed the issue, and what your team is going to do moving forward to prevent it from happening again.
Train Your Team
Once you have a plan in place, it’s time to train your entire team. Start with providing them with a social media employee policy, which outlines how employees will use your organization’s accounts responsibly. Teach them about various approval processes, best practices for account security, and what to do in case of a security emergency. Proper preparation will help your team feel confident enough to properly utilize your organization’s social media accounts and ultimately help improve your online security.
If you’re concerned about your organization’s online security, contact us to learn more about how we can help protect your agency against potential cyber security threats.