1. Blog

The six steps to keeping your social media safe

Social media: Jimmy takes a look at how to ensure your social media management doesn't come unstuck. Hopefully your social content doesn't go the way of Tottenham Hotspur.

A close up photo of a pain brush which has been dipped in bright red paint and which is resting on the paint pot. This is in reference to article in which the relationship between paint company Dulux and football club Tottenham Hotspur got off to a rocky start.

When Tottenham Hotspur announced Dulux as their new sponsor, whoever was in charge of the paint-peddler’s Twitter account seemed to be a little off-message. That person may be looking for new employment.

As the Dulux marketing team’s delight at the deal turned to horror at the messaging, they may have reflected that, not only was it not wise to have an Arsenal fan running their social media, but the security of those accounts was pretty important too.

Keeping social media accounts safe is a significant issue for all organisations, even those nowhere near the scale of Spurs or Dulux.

But whether you have a media team of hundreds or whether it’s just you, it’s key that you keep access to your social media accounts safe - so that you can protect them from being hacked (and thereby preserve your organisation’s reputation, while being able to access your accounts from wherever you are.

So try these little tips:

Use strong passwords

Memorable passwords like the dog’s name and its birthday may mean you can keep it in your head, but it’s not great for security. Use a minimum of 12 characters - randomly made up of numbers and upper and lower case letters. There are some further useful tips here

Use two-factor authorisation

Two-factor authorisation is the belt and braces approach - where you have to prove you have both of them with you. Typically you would log in with a username and password and then have to provide further information to confirm it’s you. You’ve probably come across it with your bank or payment systems - you might receive a text or an email with a pin code or you may be referred to a password manager app (like LastPass or Duo). A little cumbersome, but a much stronger process (which is why the banks use it).

A password manager can also be useful in making sure you don’t forget the log-in details and allows you to share access to accounts, but not the password.

Make sure a small group has access

While you want to make access to your accounts secure, you don’t want it so secure that only one person can log in. That person may want a holiday, or be ill or just not be responsive out of hours.

You should have at least three people with log-ins to your Twitter account and any tools you use to manage them (Hootsuite, Tweetdeck and so on) and the same number of admins for your Facebook, Instagram and LinkedIn company pages - in case one of them loses access to their personal account or leaves your organisation. Only admins can add other admins to those pages.

And check you have a record of who has access, and to which channels if you’ve split that up. If someone leaves the organisation, have a clear hand-over process and review the access to the accounts and tools regularly.

Without that, you might be reliant on contacting the platforms if you get locked out, or in a communications crisis out of hours. Social media platforms are difficult to get in touch with at the very point you most need them and they don’t easily hand over access to accounts.

Check the linked email address and phone numbers

Each account will have phone numbers and email addresses linked to the log-ins (especially Twitter and Instagram). Check that those are still current, so that if there are issues with logging in or two-factor sign-in, you are connected to the right accounts.

Which email addresses and phone numbers are linked to the logins for your social media accounts? (particularly Twitter and Instagram) and are they still current? If you need to reset the password or have problems with access, it’s much easier to resolve if you know which contact details are linked to each account.

Have a clear, agreed approach for all your channels

Having different people attached to your social media account works if all are working to the same goals.

So make sure there’s a shared document which outlines the social media strategy and its implementation - that everyone knows what content is good to share, what the engagement approach is like, what user journeys you are trying to prompt, what the brand tone of voice is… And so on.

Keep that document available to all, in a company Dropbox or intranet and also include the basics such as:

  • How many different accounts there are, and on which channels.
  • Who has access to each of these channels.
  • Which channels are connected to each other (eg Instagram and Facebook)
  • Which social media management tools you use.
  • Accounts that no one is using.
  • The ‘crisis’ process for all channels - who to take problems to and what the reporting process is for each platform.

Check the data and schedule reviews

Always review what works - in terms of the engagement a post provokes engagement, follows and, of course, purchases, if you can track that referral and user journey. Sharing reports across the team on a weekly basis makes sense so that everyone can see what works, and alter what doesn’t. Quarterly reviews to check strategy and effectiveness also works, and to keep checking the security of what you’re doing.

Good social media needs strategy, consistency of delivery and security so that there’s minimum disruption to delivery.

Taking care to make sure that your social media is yours and yours alone will ensure that the plans you’ve made have got a good chance of coming to fruition.