Blog article

The risky business of social media: what you need to know 

With such widespread access to information, social media is a prime target for spam, scams and cyberbullying. Which begs the question – should we restrict its use, or build better risk management?

Social media is an integral way to promote your business, communicate with your community and expand your network. But with the good also comes the bad. Fake profiles, spam comments, malicious messages, damaging scams and cyberbullying are all too prevalent on social media.   

This raises the question of whether its use should be restricted. We dive into it to see if businesses can reduce the risks associated with social media, while maintaining a positive digital footprint. 

How can social media scams and spam affect your business? 

For scammers and spammers, there is a lot to like about social media. In Australia, there are 21.3 million social media users – that’s a lot of personal information ready for the taking…unless it is suitably restricted or protected.  

Phishing scams, fake accounts, malware hacks and vulnerable third-party apps are some of the most common social media risks today. Targeting an organisations community, customers and employees, the impersonation of your brand and nefarious activities can damage your reputation, lead to a loss of customers and revenue, and drain time and resources within the organisation 

There could also be legal and regulatory implications as governments increasingly look at ways to keep the public safe as this malicious activity become more prevalent.  

As it is outside an organisation’s standard network security social media doesn’t have the security that email does so you need to carefully protect the valuable data in your organisation’s social media accounts. 

Can you restrict social media? 

New scammers are popping up all the time. How can you stop them from interacting with your business account? If you’re posting to a social media account that is publicly available, then you cannot restrict who can view and access the account.  Anyone can post comments  

You can restrict access if it is a private profile or a private group however this severely limits your organisation’s ability to communicate with your community and customers.  

On an individual level, there are measures you can take to protect yourself online – change privacy and security settings; use two-factor authentication; report suspicious private messages; and change passwords regularly. 

7 tips on social media risk management for businesses  

For businesses, the best way to protect your organisation is to build better risk management.  

Social media communication is a two-way street. Be careful about the information you collect from your customers (e.g. in private messages) but protect your organisation’s data.  

Remember – social media interactions can be subject to the same recordkeeping requirements as other forms of communication, so you need to manage them carefully. 

 Social media policy – having a comprehensive policy can reduce risks associated with your online presence. It should clearly define how to respond to spam content and offensive remarks to ensure a safe online environment. 

  1. Regular audits – there are constantly evolving threats on social media, so having periodic audits to check your accounts are still secure is essential. Check settings and review any new security features that might be available. 

  2. Monitoring tools – keep an eye on your social media activity. You’re more likely to identify and remove negative-impact content quickly if so. 

  3. Privacy settings – unlike your personal profile, you probably won’t know 90% of your followers. While you can’t monitor every follower, you can opt for the privacy settings on Meta, LinkedIn and Twitter that will work best for your organisation. 

  4. Content moderation – by changing your social media account settings, harmful or offensive content can be identified, reported and removed. This can help prevent cyberbullying and protect against spam.

  5. Account access – when staff leave your organisation, remove their access to your social media account and change the password. Also keep a log of who has access and their access level (e.g. admin, editor or analyst).

  6. Risk awareness – human error is a risk. Perhaps someone clicks on something they shouldn’t or overshares confidential information. Those who manage your account must be aware of the potential risks and remain vigilant.  

 Social media has changed the game for data exfiltration. While negative-impact content can hinder business, restrictions are not the most effective management approach. Don’t open up the digital door to scammers, spammers and cyberbullies – keep up to date with your social media risk management.