Although social media can be a positive force in many ways, such as allowing us to connect with friends and family and giving businesses a platform to advertise, there is also a darker side that can cause people and companies a lot of problems. Cybersecurity mistakes can cost companies an average of $4.3 million a year, but the issues can go beyond the financial realm entirely.
Let’s take a look at a hypothetical scenario where social media can put executives and their companies at risk, as well as some best practices that can help these companies and their top management alleviate these concerns.
Social Media Risks for Executives
Imagine a tech company called “HGH Tech” that sells employee monitoring software and has an active social media presence. They frequently post pictures and videos of the executive team delivering sales pitches and other messages directly to the public. The company’s internal numbers show that it’s a great success as these funny videos are great at driving engagement and boosting sales.
Their software works so well that after it’s implemented by companies with employees who work from home, thousands of workers are terminated for misusing company time. One such employee, fired from his high-paying tech job for posting company secrets on Twitter and Reddit from his work computer, decides that he’s going to take revenge on the company whose software cost him his $200,000-per-year salary.
HGH’s website reveals that it is registered to a PO Box in a city that’s only about 100 miles away and to which he can easily drive. He knows committing a crime at a Post Office is a federal felony, and he has no quarrel with the college intern who will be sent to get the mail anyway, so he decides to go another route.
Potentially Damaging Information in Social Media Posts
His next plan is to visit the company’s official YouTube channel to watch the videos that made the company famous. As the broadcasts are in crystal clear 4K quality, he notices writing on a whiteboard in the background and, because the company he worked for used a similar code, realizes that it is a username and password for the company’s servers.
He then enters the system and wreaks havoc, deleting essential files and posting threats against the company’s CEO. Due to his years of cybersecurity experience, he can cover his tracks perfectly, and the authorities aren’t able to trace the signal back to him or his computer.
The next video he watches involves the CEO walking through the main office area, where his personal secretary’s nameplate is visible. As one of the city’s few first-generation Polish immigrants, her unique last name makes her easy to find. The angry man begins sending her violent threats and detailing all the terrible things he’s going to do to her boss. Further, by seeing the buildings in the window, the harasser finds the location of the company’s headquarters.
However, the greatest social media security failure is next. The CEO posts a video of himself and his family doing a silly dance in their front yard while he sings a parody song about his company’s commitment to the environment. Their house number, 8672, is clearly visible. The angry former software engineer does internet research to find every home numbered 8672 in the city and, after checking a few locations, finds the CEO’s home.
Social Media Mistakes to Avoid
Let’s look at everything HGH Tech did wrong. First, they left confidential information in plain sight during their videos. In this scenario, it took a software engineer to figure out what it meant, but he was able to harm the company financially due to their mistake.
Second, they opened up an employee to harassment by posting her name in a video. It would have been fine if she had agreed to appear in the video, but because the social media team didn’t blur out her name, she was subject to harassment.
Finally, the CEO’s home address and company headquarters were easily located after a few clicks, which put the CEO, his family, and the company’s employees in danger. The situation listed above is obviously exaggerated to illustrate the potential dangers of social media and not very realistic, but it is still a possibility, albeit remote.
Executive Protection on Social Media Tips
Executive protection on social media functions very similarly to personal protection, which means that many of the same tips will apply to companies, executives, their employees, and social media users in general. Building on the example scenario above, here are some tips and best practices to ensure that everyone remains safe and protected.
- Personal information in posts should be limited. If the CEO takes a weeklong vacation and wants to post a video from a ski resort, for example, it’s better to post it after their return. If people know the CEO is out of town, burglars could visit his home, and angry customers could confront him on vacation.
Employee names and identities should only be posted if they agree. People can harass employees to get to an executive, or an employee’s stalker could find out where they work if that information isn’t closely guarded.
Video backgrounds should be cleared of any unnecessary information, including passwords, business plans, travel plans, and anything else that isn’t related to the video.
Many executives can benefit from executive protection services, regardless of whether an actionable threat has been made. Although such a situation is usually pretty unlikely, it never hurts to be prepared.
Try not to get too clever. In 2010, an identity theft protection company’s CEO created an ad campaign where he posted billboards with his real Social Security Number and dared hackers to try stealing his identity. The campaign was later halted after 13 separate incidents of identity theft had been committed against him.
Executives should also avoid controversial posts on their personal social media. Political opinions, for example, can deeply upset some people and result in threats. Although a number of these are made by people thousands of miles away with no intention of ever following through, it is important to treat all threats as valid until proven otherwise.
Anyone publicly associated with the company, including high-ranking officials, executives, members of the Board of Directors, and even lower-ranking company employees, can benefit from home safety assessments in the unlikely event that a threat escalates from online “trash talk” to something more sinister.
Above all, the best social media practices are remaining positive, avoiding controversy, and making sure that no confidential information is ever leaked out through social media posts.
Social media can be very important for a company and its executives, as it allows them to communicate directly with customers about upcoming products, exciting new features, and generally drive sales for their products or services. However, if proper precautions are not taken, the results can be very dangerous. Although the situations listed above are unlikely to happen to your company, it is important to be prepared and use best practices to avoid potential mistakes.