Social Media Security: Your Biggest Threat is Yourself

I set out to write this blog to explore the security threats faced by both businesses and individuals in Social Media. I had the intention of making this a rather technical blog, full of charts and statistics. However, as I began talking to people within the security and social media world, I discovered that the top threat to both individuals and businesses has nothing to do with the actual technology and network vulnerability. The biggest threat to social media security is actually ourselves.

Before I get into how we are our own biggest security threat on social media, I want to address one of the more technical concerns that is often considered the biggest threat to social media and social networks security: the inherent insecurity of social media networks.

1. The Insecurity of the Social Networks (Large Scale)
   • Social networks are not as secure as your website or email. All major social media networks do get breached from time to time. Recently, Snapchat was compromised and the photos of 4.6 million users were posted on a website (Those Snapchat photos don’t actually disappear.) Social networks do spend a great deal of time and money or ensure their networks are secure as possible, but they will always be vulnerable to cyber attacks.
   • What this means for individuals: - Assume anything you post or have connected with your social networks is public and will always be. If you don’t share anything that you’d not want the whole world knowing, even if social networks are compromised, you won’t have too much to worry about.
   • What this means for businesses: Know your risks. Your social media will be compromised at some point. No matter how strong your passwords might be, or how secure your server or network might be, it is inevitable. Don’t use social media, including Facebook messaging or Twitter messaging for any communication about secure information. Assume that anything you put on any social network, even in private messages through Linkedin, Facebook, Twitter, etc, can be viewed by your biggest rival.
     
     *Note: On social networks that you store your credit card information, like Facebook, the insecurity of the networks can lead to that card being compromised. This has happened to me multiple times. Most credit card companies are very experienced at helping you if your card is ever compromised.
2. The Insecurity of Social Networks (Small Scale)
   • By small scale, I mean attacks from individuals targeting individuals. This includes all the times you hear someone say, “My Twitter got hacked.” The first thing to realize is that this is not that common. Most often when someone says they got hacked, it is because someone that they know, often someone from an ex-relationship, has their passwords and has bad intentions. That said, it still happens because the networks themselves aren’t that secure. In fact, I am not a tech guy at all, but I am confident that I could hack into anyone’s personal social media accounts (though I would never do that). If I could do it, that means that a lot of other people can, too.
   • What this means for individuals: Protect your passwords. Don’t give access to anyone that you don’t trust completely. If your account is compromised, follow the steps offered by each social network to re-secure your account.
     
     *Note: Changing your passwords each month will also help keep your accounts secure.
   • What this means for businesses: Here is the bad news: With most social networks, like Facebook, your business accounts are linked to and accessed through individual accounts. Therefore, your businesses social media profiles and networks are only as secure as your employee’s accounts. Pick who you give access to your business accounts to very carefully. Have a policy that if any employee linked to any of your business accounts suffers any type of compromise of their individual social media accounts, that they must notify the business so the business can take precaution and change passwords.

The insecurity of social networks is a big concern, but let’s get to the real issue. WE ARE THE ISSUE! When we talk about social media security, our real concern is that information will get into the wrong hands. Any of the other concerns, like someone hacking into our account and trying to take it over or post inappropriate things may cause a couple of bad hours until we can put a stop to it, but what we really worry about is information getting out there that we don’t want people to see. This is true for both individuals and businesses. So here is the deal:

Social media networks don’t take information from us; we give them the information.

The bottom line to securing your social networks, both as a business and individual, is never put content out there that you would not want the whole world to see. If you follow that premise, you’ll limit and eliminate most social media security concerns.

Implications for Individuals:

Think before you post anything online. Assume that all content, even things you talk about on Facebook Messenger or a photo you send via Snapchat, will be viewable by the public. Don’t post or share something on social media that you would not want your boss to see, or your mother in law, or that you would not want your toddler repeating at pre-school. If you need all sorts of privacy settings, maybe social media is not for you. If you don’t post anything on Social Media that you wouldn’t want the entire world to know, even If a social network becomes vulnerable, you have little to worry about.

Implications for Businesses:

Employees can be your biggest advocates online. They are also your biggest risk. You need to have a social media policy. Employees need to know what they can’t do on social media. Whether you like it or not, if they list you as their employer, everything they do and say reflects on you. Again, your social media is only as secure as your employees’ social media use and security. Employees need to know that no private or protected information should ever be shared in any type of social media.

In summary, social media networks are vulnerable to security threats. However, we as individuals have the ability to protect ourselves by following the simple rule of never putting anything on social media that we would not want the entire world to see. Think before you post!

About the Author

KP is a Branding and Social Media Consultant as well as the Founder and Director of two non profits, Share 4 Kids and Get Fit Ohio. KP was honored this year by Forbes, Likeable and Onalytica as one of the most influential people online. Please follow K.P. on Twitter!