Cliff Maroney May 21, 2013 | 09:34:35

Avoid Social Media Disasters

As PR and social media professionals who often share content on behalf of brands and company executives, we literally have their reputations in our hands…and on our dashboards.

That’s why every PR pro must guard against the unscrupulous. Recent Twitter hacks of major brands like Burger King, Jeep and Chrysler show that no one is immune.

With hackers growing more sophisticated by the day, no one can guarantee a 100% bulletproof social account. But we can avoid the kind of sloppiness that invites trouble. Hacks are not only embarrassing in professional circles,  but they can have reputation repercussions for companies and their brands.

Here are some tips for dealing with, and preventing social media mishaps.

Follow good password protocol. Passwords such as “hello123” and “love” are a temptation to mischief-makers. By regularly changing passwords, limiting the number of approved users, and safeguarding your personal email and social accounts, you can eliminate easy security loopholes. Also, never save passwords to your browser; it’s an invitation to hackers.

Be prepared. Have a written and approved set of steps for a social media hack or mistake so you can “nip an issue in the bud” and minimize any damage as quickly as possible. Build in redundancy. For example, make sure that automated tweets can be suspended quickly and easily in the event of a disaster or other breaking news.

Think before you delete. If a questionable update is posted, think before you rush to delete. Sometimes, a deleted tweet just calls greater attention to the situation. A simple correction could be all you need to fix the error; or, if you have caused offense, apologize promptly and sincerely.

Separate your personal and client streams and dashboards. It’s easy to make mistakes (e.g. auto-log in), which is all the more reason to separate your business and personal streams. This helps safeguard your Twitter worlds with an extra layer of security if one of your accounts be compromised, and it reduces the chances you’ll tweet about your wicked hangover on a client’s account.

Double-check vendors. If you use a subcontracter, make sure they’re buttoned up. Every entity contracted to deal with your brand needs written security and content guidelines.

One thought on “Avoid Social Media Disasters

  1. If you’re a cynical web user when it comes to prvcaiy and security — of course you are, right? — then you’re probably asking yourself whether or not a site where you type in your password to see if it’s been compromised could possibly be legit. But the folks at LastPass ensure that the tool is safe and does not store passwords.Here’s how it works: After typing your LinkedIn password into LastPass’s tool, the service computes its SHA-1 hash and sends the result to It then searches the list of 6.5 million leaked password hashes.“All that’s communicated to LastPass is the hash ‚c4ee the result of the one-way function performed on the password that a user enters in that box,” a LastPass spokesperson told Mashable. “So let’s say you enter ‘password1.’ You enter it and the tool performs the hashing algorithm. The hash is then sent to LastPass, and if a match is found in the database (of the 6.46 million leaked hashes) on our end, we report back a message saying that your password was compromised.”The spokesperson also noted that the hashes are not stored on its servers: “We don’t store the hash on our end. We only perform the check and then delete it.”Brooklyn developer Chris Shiflett created a near-identical tool called LeakedIn that appears to operate in the exact same way. On his blog, Shiflett discussed how he built the tool to find out his own password was leaked (and subsequently cracked). -37

Leave a Reply

Your email address will not be published. Required fields are marked *