Social Media Security – Best Practices

You may ask yourself why you need to worry about Social Media Security Let me fill you in on the back story.  A former colleague contacted me and asked me if I personally knew a mutual contact on LinkedIn.  Apparently this mutual contact had scammed her out of some money.  I told her I did not, as I am connected to a few thousand contacts and do not know all of them personally.   Since this is an issue so many have to deal with, I thought this post would be appropriate.  Here is a checklist of best practices you can do to make your social media security more secure. 1) Use a separate e-mail address for your social media accounts:  i.e. linkedin@yourdomain.com  or twitter@yourdomain.com  then have each forwarded to your main account.  If you do not have the luxury of multiple e-mail accounts you can do something along the lines of  yourname_socialmedia@yourdomain.com.  This was beneficial for me about a year ago, in that I received an e-mail from my Linkedin e-mail  account from “PayPal”.  Someone on the other end was trying to get money from me.  I immediately knew this was a scam because my PayPal e-mail is not my LinkedIn e-mail address.  Of course I immediately let PayPal know what was going on and forwarded them the e-mail. 2) Use a secure password: You want a MINIMUM of 8 characters, but I like to use 12 or more.  You also want a combination of letters, numbers and special characters.  You want a different password for every account.  I know this seems impossible, but you can use a naming convention.  Here is an example.  Tw1+2013!!  I spelled the first four letters of Twitter using a combination of letters, numbers and special characters, added the year and ended it with exclamation points.   As you can see, this password combination makes the social media security is pretty good.  If you want to see how your password stacks up – go to this password checker and check it out.  You might be surprised. 3) Change your passwords regularly.  I would say at least every 3 months – but if that’s too often for you, at least once a year MINIMUM.  I change mine every 3-6 months because I used to work in network security and I’m a bit more paranoid. 4) Use a social media management application:  I use HootSuite and Sprout Social, but there are others.  You can also use applications like Gremln or Smarsh.  This is beneficial if you have someone managing your social accounts.  This way, they only have limited access. 5) Take advantage additional authentication method:  Several social platforms will send a text to your cell phone and allow you to enter a code for verification.  If you are concerned about social media security, this is an added step worth taking. 6) Recognized Devices:  How many devices do you have?  How many do you use?  Facebook recognizes and remembers your devices, so it’s good to go into your settings and delete your old devices every few months.  I only have 3 devices, but according to Facebook, I have 17 since May of this year.  The thing is, I log into Facebook from a lot of different networks. 7) What is the URL? Sophisticated computer hackers can duplicate your social media accounts (as well as pretty much any other kind of account).   If you want to be on top of social media security, you definitely want to pay attention to the url. 8) This may seem obvious, but do NOT give your username and password to people you don’t know.  Even if they say they need it to get you more followers or to manage your account.  Have them with you when you are signed in, then let them act as you add them as an administrator, or set up a third party social media management tool like Hoot Suite. 9) No matter how much you WANT to, NEVER EVER, EVER, EVER, EVER did I say NEVER? But NEVER have your browser remember your passwords.  If your computer gets infected with a worm, or virus, or the latest mutation thereof, it could possibly take the passwords from your browser and save them to a server somewhere for someone to use.  Also – NEVER save your passwords to a file on your computer. 10) Keep your computer up to date with the latest patches, upgrades and antivirus software.  Social media security is just as much about maintenance as much as it is about awareness. Do you have anything you would like to add to this list?  Have you had anything scary happen to you or a friend?  What do you think could have prevented it?