Small businesses are a growing fan base for Facebook.
A Cybercriminal Fan Club
Facebook is also a favorite of Internet criminals, says the Cisco 2010 Annual Security Report. It's a big target, with more than 500 million active users. Even CEO Mark Zuckerberg's Facebook account was recently hacked. Facebook does offer its account administrators some privacy tools; it also provides general security tips. The risks to Facebook visitors are widely publicized—the dangers lie in what links people click, what invitations they accept, and what private information they enter.
The risks to Facebook business accounts are not as obvious.
Security Risks to a Business
Security breaches of a company's Facebook account can expose the business's confidential information, violate its privacy contracts with users, erode customer confidence, and damage its brand. The security risks most likely for a business Facebook account include:
►Malware that infects the administrator's account. Intrusion may be accomplished by password cracking, phishing, or an insecure Internet connection, and can enable a hacker to take over the administrator's account.
►Malware that infects the advertisements or other links on a Facebook page.
►Misuse of information in visitors' postings by the business's account administrator or other employees.
►Employee posts that leak confidential business information.
There's no magic bullet that will protect your account. Just as you protect your business network by integrating a variety of security technologies, you need several strategies to protect your business's Facebook account.
Following are general best practices and 10 specific tips.
Post and Enforce Your Usage and Privacy Policies
Help protect users from themselves.
2. Monitor visitors' activity. Enforce your policies. Include links on your pages to report spam, scams, and other inappropriate activity.
Strengthen Account Administration
This is the linchpin for protecting social media pages.
3. Assign at least two administrators (admins) for your account. The admins should continually monitor and promptly respond to new Facebook policy changes and features, always considering the impact on the business.
4. Use an Internet firewall with web threat protection, such as Cisco ProtectLink Web, to authenticate admin access by IP address, and to disallow ads with malware.
5. Enable the Facebook security feature that will alert you whenever an admin accesses your account.
6. Select strong admin passwords and update them at least every three to six months.
7. Require that remote access to your Facebook account by admins be done in a VPN session. Alternatively, Facebook offers a security setting that allows connections via HTTPS. Admins may also use Facebook's one-time password feature to receive a temporary password on their mobile phone, which can be useful for remotely accessing the account from a nonsecured device.
8. Regularly review the admins' activity, and remove inactive or unnecessary admins.
Educate and Enlist Employees
Unfortunately, employees do—intentionally or inadvertently—share confidential business information.
9. Create, update, communicate, and enforce a company use policy that specifies Facebook do's and don'ts, including how employees may interact with visitors and use visitors' information.
10. Encourage employees to report information that has been incorrectly shared, or when they think that there may be a security issue.
Whether you are securing your Facebook presence or dealing with compliance issues, TeamLogic IT can help you protect your business from the bad guys. From virus and malware protection to our Managed Security Service, we offer a suite of security services that will let you rest assured that your business is safe. For a free consultation, please contact us at 650-204-3150.
Computer and Networking Services from Experts you can Trust.
.jpg){kind=small}
