During this challenging time of working-from-home, we are all trying to stay motivated and focused to produce the work that can make a difference in the world. Eventually, we and our co-workers will return to the office and the work we do now will help us transition into the business that will be required of us later. At this time, the visibility of what may be "required" is foggy at best, but for those of us in the social media governance space, we do know that the digital world is not slowing down. In fact, social media security is more critical than ever with bad actors taking advantage of consumer fears and political campaigns lying in wait.
At Brandle, we are all lucky enough to retain our jobs and it is our focus to help our customers, and anyone that reaches out, with social media security and risk management during this time. I've talked with many professionals in our space; some are busier than ever managing the onslaught of chaos due to Covid-19 while others are furloughed until the pandemic subsides and business returns. And still others that are managing "business as usual" from home.
As our CEO previously wrote in Mitigating Social Media Risks During Layoffs, someone at corporate must still have their hands on social media security. His article outlines the process to mitigating social media risks during this time. A key part of this process is understanding who has access to the social media accounts, the attached apps, and the attached corporate tools. In order to secure your social media landscape, you must secure all points of access to each social media account, page, channel, etc. (At Brandle, we call these POPs, or points-of-presence).
We all know it is good governance practice to ensure that only key team members have direct access, while others have access via apps or corporate tools, but the challenge is in knowing and tracking all of those access points (and vectors). When these team members change, so should access to any part of the access vector (including direct account access, apps, corporate tools, etc.) It's not a matter of trust but of good governance.
Additionally, bad actors often access accounts via non-direct means such as connected apps or corporate tool security breaches. Consider reviewing our post on how to prepare for a corporate social media crisis event. The more diligent you are about the access vectors, the lower the threat of crisis and brand reputation damage.
2 Tools to Help with Team Transitions
At this time, there may be team member transitions (whether you have furloughed team members for 90-days, terminated outside consultants, or altered agency workload) and social media access must be revoked. If you are in a company that is related to managing people, products, healthcare, or processes around the pandemic then you may be expanding your team at this time, so access needs to be granted. Either way, keeping track of the ebb and flow of team members and credential changes is important. It's important now and when the world gets back to a normal course of business.
To make this easier for you, we created two spreadsheets for your use. One focuses on the social media points-of-presence and the other focuses on the team members:
- Social Media Account Checklist to track the changes required for each POP (point-of-presence) that will have a team member change. This spreadsheet is focused on the POP so it is secured.
- Social Media Team Member Transition Checklist. This spreadsheet has a sheet for outgoing team members and a sheet for incoming team members for each account. This sheet will also dive into ensuring you have reviewed/revoked/granted access to the direct account, the attached apps, and any corporate tools.
Each spreadsheet has validations for easy drop-down menu selection. Just add or change options on the validations page.
Who Really Owns Your Social Media Footprint?
This is a very important time to review and ensure that that CORPORATION owns every corporate social media account that it should own, as well as every Ad Account. That may seem obvious but many companies allow their agency partner or a business partner to own their social media accounts and/or their paid social media ad accounts. This is a huge mistake for social media security!
First, if you don’t own it, you don’t control it. And if you don’t have control of your accounts, you don’t have control of your brand. You can outsource the management of your accounts to an outside party but your company should always be the owner.
Second, if you don’t own the accounts, you don’t own your data. Your agency is under no obligation to give you the historical data should you end the relationship. If you own the account, you simply revoke access for your old agency, add access for your new agency or manager and retain your data without interruption.
So as we wait out the 2020 Pandemic, take the time to ensure that you have control across your owned digital footprint and have secured the access chain! And if you need ideas or assistance with an audit or process during this time, just Contact Us.