Ask yourself this: “What would happen if a hacker broke into my personal Facebook account?” It would probably be rather frustrating, as you’d have to explain to all your friends why you were attempting to sell them discount prescription medication. Now ask yourself, “What would happen if a hacker gained access to my company’s Facebook or Twitter accounts?” That answer is going to be somewhat more damaging.
Despite the fact that nobody is completely immune to an account compromise, there are several steps you can take to help ensure you don’t become yet another brand with social media egg on its face. Just as locking the front door after leaving your home in the morning is considered a common-sense security measure, similar efforts must be made when securing access to your various social networking accounts.
Keeping Hackers Out
Twitter, Facebook, Google+, and LinkedIn are all equipped with a feature known as two-factor authentication that requires users to provide a random number sent to their phones when logging in from a new location. Each company has a different name for its version, so click the associated link to get step-by-step directions to enable this important security feature.
Once two-factor authentication is enabled, even if a hacker manages to get your password, he or she will be unable to break into any of your accounts without direct access to your phone.
At Sprout Social, one of the ways we help keep you secure is by always forcing your web browser or mobile app to encrypt communication to and from our servers. Sprout Social employs SSL encryption every time you send personal or password data with our services; even though you do not see a padlock in the mobile app, the data you send is encrypted.
The security of our users at Sprout Social is of the utmost concern but you can take extra steps to help safeguard your profiles from being hacked. Sprout Social requires customers to use a password that is at least 8 characters long; however, you can strengthen the security of your own account by creating longer, more complicated passwords.
Tools like LastPass and KeePass make creating and managing secure passwords much easier than affixing sticky notes to your monitor. You can even use those tools to share passwords with colleagues. Check how safe your current password is by using Microsoft’s Password Checker – you’ll find that “Pa$$w0rd” is much less secure than “ThisIsMyVeryLongPassword.” Generally, you should never enter your password into a text box on a strange form but we’ve checked this one out for you and it is safe.
Protecting Your Phone
Now that you have a strong password and your phone holds the keys to your digital castle, it might be time to take a quick look at mobile phone security. The first and simplest step anyone can take when securing a mobile device is to activate the passcode lock feature. All major mobile operating systems include a feature that requires a passcode to move beyond the lock screen. The websites for the major phone providers all have instructions on how to do this, including iPhone/iPad/iPod, Android, BlackBerry, and Windows Phone.
Some companies such as Lookout offer apps that will provide extra features to help recover or remotely erase your device if it is lost or stolen. Combining a password lock with an app that can wipe your device as a last ditch effort will ensure that not only your social media accounts are safe but all other information passed through your phone, as well. That could include banking information, email, or pictures.
At first, the extra security measures may seem like a hassle but let’s revisit the locked door metaphor – using two-factor authentication or logging into your phone will consume roughly as much time as taking out keys and locking or unlocking the front door. Would you be willing to leave your house unattended because pulling the key out of your pocket seems like a bother?
[Image credit: Kreg Steppe]
Bill Gambardella: Bill Gambardella is the Information Security Program Manager at Sprout Social. He is a paranoid member of the engineering team who spends most of his time thinking of the best ways to protect Sprout Social's users.