I came across a great article in the Globe and Mail recently, that I wanted to share with people which presents 10 concrete steps to protect businesses from having their social media accounts hacked.
http://www.theglobeandmail.com/report-on-business/small-business/sb-tools/top-tens/ten-ways-to-protect-your-workplace-from-twitter-hacking/article14084647/
Social media accounts present hackers with another attack vector by which to compromise organizations. Often, due to social media still being quite new for many businesses, they lack corporate security policies around social media - policies like who can use those accounts, how are those accounts secured, what type of corporate information can be shared via social media, etc. Sometimes, due to the often informal nature of social media, individuals may feel that these accounts fall outside the realm of corporate information security. However, social media and their related accounts (Facebook, Twitter, Instagram, etc.) can often be easy inroads into a businesses' computer infrastructure for those that would either steal corporate intellectual property, or try to compromise computer security for other criminal purposes.
The article goes through 10 best practices which are very practical steps that I see many large enterprises adopting in my own work. Some of them are very common sense but quite critical to organizations protecting their information:
- Provide employees with easy to follow guidelines
- Define what's confidential
- Look at your employees differently
- Be social but be smart
- Don't link all your accounts
In the spirit of full disclosure, the article happens to be written by my wonderful wife Laura Maio (twitter: @LJMaio). :-)
- Antonio