There are many digital threat avenues for bad-actors to infiltrate a corporation and social media has become a favorite. Even though there are technology solutions (such as Brandle) that help corporations with these risks, it still takes constant oversight, monitoring, and forward thinking. One area that is often overlooked is employee social media training specifically around the topic of risk to the corporation. This falls into the category of corporate social media security and risk management.

Creating a strong training program to educate employees on the risks and pathways that hackers and phishers use is critical. Delivering the requirements employees must follow to assist with corporate social media security should be mandatory. There are six key requirements that should be part of your social media security training program.

The General Data Protection Regulation (GDPR) is a comprehensive European privacy law that took effect on May 25, 2018. Brandle views this law as an important step forward in streamlining personally identifiable information (PII) data protection requirements across the European Union. 

What is GDPR?

One of the most important things that organizations must understand about their social media governance plan is that it is not a static, unchanging document. Social media governance is a dynamic process that must be constantly monitored and optimized to ensure that it is steering the organization in the right direction. And the "right direction" is away from risks to corporate brand reputation and threats to data security.

To be truly proficient at social media governance, you need to know how to work your plan!

Before we lay out steps to simplify social media compliance, let's first define it! If you are part of a risk management team in a regulated industry, such as the financial sector, the term "social media compliance" centers around regulatory requirements. But that is only one aspect of compliance. There are other aspects of compliance for both regulated and non-regulated companies.

Social media compliance is a discipline within a broader social media governance program. It is the practice of ensuring that all corporate policies, regulatory requirements, brand standards, and social media standards are implemented and adhered to on all social accounts across all networks. This practice is broader than just regulatory compliance. Sure, regulatory compliance is critical, but brand damage often occurs when other corporate compliance standards are not met. And a regulatory audit might produce a warning for compliance correction (or fine), where brand damage can cost you customers and sales.

Executives must understand that in today’s business landscape, strong social media compliance is not just a best practice, it is an essential part of corporate risk management. 

January is always an excellent time to conduct the annual corporate social media and web presence audit. Accomplishing this key governance task early in the year allows the global digital team members to re-set goals on the most active corporate channels, as well as clean-up stale and rogue accounts that have popped up during the previous year (especially over the holiday period).

If you have never conducted a corporate social media audit, then now is the time to start! There are many reasons that social media presents significant risks to a company: brand reputation, sales, and risks highlighted in our post 7 Social Media Security Issues Your Business Faces. Proactively conducting a social media audit is not just a best practice, but an essential risk management priority.

Web presence management is the process of creating and maintaining a digital inventory of all web points-of-presence (POPs) including: social media accounts and pages, websites, blogs, and domains. At first glance, web presence management may seem primarily like an administrative task. However, it is actually a strategic process critical to managing risk events as well as keeping your brand standards and voice monitored accurately. Your digital footprint is often the main entry point for your customers to experience your brand, and if your customer has a negative experience with an online point-of-presence, then your brand reputation is in jeopardy.

To date, most companies' web presence management has been conducted by manual audits and tracked on static spreadsheets. This not only takes a lot of human resources, but it is also fraught with human error. Stepping up to a comprehensive SaaS solution that provides an automated process does require investment, but the cost trade-off vs the risk is well worth it. So how do you get the resources and support needed from your senior management? 

The first step is to become aware of the technology risks that concern your C-suite most. To that end, here are three keys to convince senior management of the importance of web presence management:

The field of Brand Protection has historically been relegated to those companies who produce products that are subject to counterfeit production. This includes popular consumer products and luxury goods.

However, the rise of social media popularity in business has fostered a counterfeit culture for accounts. In recent years, a growing number of businesses have wisely allocated resources towards social media brand protection, but the vast majority of businesses still have gaping vulnerabilities in their social media governance approach. If exposed, these vulnerabilities would inflict substantial reputation damage.

It's no secret that social media has become a major risk concern for corporations. According to a report by SentinelOne, over 80% of hacked companies reported that the attack entry points were from phishing emails and social media. Creating strong governance practices is essential to managing these social media security risks. Your brand reputation, data protection, and sales demand it!

As in any governance practice, it is helpful to gain an understanding of the potential threats. This is the only way that you can prevent, or at least, mitigate the attacks.

In this post, we highlight seven of the most common social media security issues.

A growing number of businesses of all sizes — from small startups to large enterprises — are tapping their workforce to extend their social media footprint. When this strategy is done correctly, the rewards and ROI are considerable. For example:

• Content shared by employees generate 800 percent more engagement than content shared by brand channels (Source: Social Media Today).
• Leads generated through employee social marketing convert 700 percent more frequently than other leads (Source: IBM).
• Brand messages posted or shared by employees are re-shared 24 times more frequently than brand messages posted or shared by businesses (Source: MSLGroup).
• Extending your brand standards and voice with employee social reach strengthens your brand recognition.

To monitor, or not to monitor? It is widely accepted by corporate social media and risk managers that major brand damage can occur via a social channel, but real harm can also come from employees’ social media accounts. For regulated companies, this is certainly true — in fact, they are legally required to monitor employee social media. But most companies should consider monitoring their employees key social accounts as a corporate risk and brand protection discipline.

Part of the corporate risk assessment (conducted by the risk team) should include an analysis of the risk profile presented by employee social media and whether a monitoring program is an important addition. If the risk profile is low, a monitoring program can be bypassed, if it is medium or high (such as a company that has a strong M&A practice or a large intellectual property portfolio), then this practice should be adopted. The monitoring program could focus on key employee types that are employed in a higher risk area, and not all employees. This certainly makes sense for very large corporations. However, every company should have a general employee social media policy that covers all employees.