Social media security
How to prevent hacks and manage
them if they happen
1. Preventing hacks
Why are social media hacks a problem?
• You are the CEO of a bank, tweeting regularly,
and generally being hip
• And then your Twitter account is hacked.
There’s a tweet in your name that says the bank
has made huge losses and doesn’t have enough
money to pay account holders
• People panic and there is a run on the bank…
How do hacks happen?
• People who want to cause mischief can get
access to your password in a number of ways:
– Passwords are hacked using “brute force” software that runs
through all the possible combinations of letters and numbers
– People steal (or find) unprotected portable devices
– Devices are infected with spyware (often after a phishing attack)
– Passwords are not changed when an employee who knows
them leaves the company
– The password is stored on a shared personal device which
allows access by non-authorised people
– Password lists are made available to non-authorised people
• So what can you do about this?
How can you stop hacking?
• You can’t be sure of preventing hacking
• But you can take some basic steps to make it
less likely that people will succeed:
– Use robust passwords
– Limit access to social media accounts
– Limit direct access to social media accounts
– Keep in control
– Watch out for Cookies
– Educate people to avoid phishing attacks
– Take care with mobile devices
Use robust passwords
• Ensure passwords are strong
– minimum of 12 characters including at least one each of capital
letter, lower case letter, number, keyboard symbol (e.g. ! $ % &)
• Don’t use words or names in the password
– Password isn’t a great password
– And people realise that numbers are commonly substituted for
letters: So P455w0rd isn’t great either!
• Think of a phrase and use the first letters:
– I love my wife Delvina and my two boys Caspar and Tarquin!
becomes IlmwD&m2bC&T!
• Ensure passwords are different for all accounts
• Change passwords a couple of times a year
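The rules on this slide, written as a check you could run when a shared account password is set. This is an added example, not part of the original deck; the word list is a tiny constructed sample and the substitution tables are an assumed, non-exhaustive set of common swaps.

```python
# Added example: the slide's password rules as a checker.
# WORDLIST is a constructed sample; a real check would load a large
# dictionary plus names, brands and company terms.
WORDLIST = {"password", "welcome", "twitter", "facebook",
            "delvina", "caspar", "tarquin"}

MIN_LENGTH = 12  # from the slide: minimum of 12 characters

# Assumed set of common number/symbol-for-letter swaps (P455w0rd style).
# "1" and "!" are ambiguous, so one table maps them to "l", the other to "i".
_BASE = {"0": "o", "3": "e", "4": "a", "5": "s", "7": "t", "@": "a", "$": "s"}
LEET_TABLES = [
    str.maketrans({**_BASE, "1": "l", "!": "l"}),
    str.maketrans({**_BASE, "1": "i", "!": "i"}),
]


def find_words(password, wordlist=WORDLIST, min_word=4):
    """Return word-list entries hidden in the password, with or without swaps."""
    lowered = password.lower()
    variants = {lowered} | {lowered.translate(t) for t in LEET_TABLES}
    return sorted(
        w for w in wordlist
        if len(w) >= min_word and any(w in v for v in variants)
    )


def check_password(password, wordlist=WORDLIST):
    """Return a list of rule violations; an empty list means the password passes."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if not any(c.isupper() for c in password):
        problems.append("no capital letter")
    if not any(c.islower() for c in password):
        problems.append("no lower case letter")
    if not any(c.isdigit() for c in password):
        problems.append("no number")
    if not any(not c.isalnum() and not c.isspace() for c in password):
        problems.append("no keyboard symbol")
    for word in find_words(password, wordlist):
        problems.append(f"contains word or name: {word}")
    return problems


if __name__ == "__main__":
    # The slide's own examples plus one constructed case.
    for candidate in ["Password", "P455w0rd", "Tw1tt3r!Tw1tt3r!", "IlmwD&m2bC&T!"]:
        print(candidate, "->", check_password(candidate) or "OK")
```

The phrase-derived password from the slide passes, while `Tw1tt3r!Tw1tt3r!` meets the length and character rules and still fails because undoing the swaps reveals a word.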
Limit access
• Audit number of people who have access (check
for 3rd parties like agencies)
• Severely limit the people who have access
– If necessary appoint an “editor” who uploads content
written by other people
– Ensure that the contracts of people with access stipulate that
passwords must not be shared
– Keep a record of who has access
Manage access
• If you can, implement Single Sign On technology
to manage access to your social media accounts
• This means that people don’t have to sign onto
social media accounts directly
– they get access when they sign into your company network
• Preventing direct access means that fewer
people need to know or remember passwords
and that passwords can be changed at any time
Cookie attacks
• Some platforms (e.g. Twitter, Facebook) are
designed to remain open continuously
– This is so that you get access every time you go to your
computer or mobile phone
• Keeping an account open all the time gives
people an easy way into your account
– If it is open on a mobile device which subsequently gets lost
– if you are using a shared device and forget to log out.
• The most secure way to handle this is to require
access to corporate social media only via fixed
company equipment
Ensure you have control
• Some platforms (e.g. Facebook) say business
pages must be set up by private accounts
– Don’t allow individuals to set up these pages: create an account
representing your “corporate personality” instead
– If private accounts have been used, you may have to start afresh
even if it means sacrificing assets such as Likes
• If you ask people to Tweet or Post for you, make
sure the accounts they set up are owned and
capable of being managed by the company
Avoid phishing attacks
• Phishing: a hacker sends you a message “from”
your social network, asking you to log in to your
account and provides you with a handy link
• You enter username and password into a fake
login page, which promptly captures the data
– Often these attacks are personalised with your name and job
title (“spear-phishing”) and look very credible
• Prevent this through education. Train people to:
– Recognise suspicious emails
– Check the address of the site in the browser address bar
– Avoid links in emails and navigate directly to their account
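What "check the address of the site" means in practice, as an added example that is not part of the original deck: only the host name decides where a link goes, and it must be an official domain or a subdomain of one. The official domain list and the sample links are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Added example: decide whether a login link really points at the platform.
# Assumption: these are the only domains your team ever logs in on.
OFFICIAL_DOMAINS = {"twitter.com", "facebook.com"}


def check_link(url, official=OFFICIAL_DOMAINS):
    """Return (ok, reason) for a link received in a message."""
    parts = urlsplit(url.strip())
    if parts.scheme != "https":
        return False, "not an https link"
    host = (parts.hostname or "").rstrip(".").lower()
    if not host:
        return False, "no host name"
    # Anything before '@' is login info, not the site being visited.
    if parts.username is not None:
        return False, f"text before '@' is not the site; real host is {host}"
    # Encoded international names can render as look-alike letters.
    if host.startswith("xn--") or ".xn--" in host:
        return False, "punycode host name"
    for domain in sorted(official):
        # Exact match, or a subdomain: the official name must END the host.
        if host == domain or host.endswith("." + domain):
            return True, f"host {host} belongs to {domain}"
    return False, f"host {host} is not an official domain"


if __name__ == "__main__":
    # Constructed sample links; look-alikes use the reserved .example TLD.
    samples = [
        "https://twitter.com/login",
        "https://mobile.twitter.com/login",
        "https://twitter.com.account-check.example/login",
        "https://twitter.com@login.example/",
        "http://twitter.com/login",
        "https://twltter.example/login",
    ]
    for link in samples:
        print(link, "->", check_link(link))
```

The third and fourth samples both show `twitter.com` at the start of the address, which is why training should stress reading the host name from its right-hand end.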
Mobile devices
• Mobile devices represent a risk because they
can be lost or stolen
• Limit access to corporate social media accounts
via fixed computers in secure office locations
• If you need access outside the office (e.g. for
tweets at a conference):
– Protect the device with a robust password
– Make sure you have the ability to lock or wipe it remotely
– Avoid using password vaults that remember passwords for you
• If you are logging on to Twitter or Facebook on a
mobile device, log off after you finish
Wi-Fi
• Wi-fi connections may be insecure or dangerous
• Check to make sure you are using the official
wi-fi (check the exact name)
– Don’t be tempted to use an alternative wi-fi even if it seems to
offer easy access
• Don’t use the corporate account to tweet on wi-fi
– Set up a secondary account and use it for out-of-office events
– Use the event hashtag in tweets to ensure that people find your
posts
– Get colleagues to follow the secondary account and share your
posts via the main corporate account as soon as possible
Educate
• Most protection can be gained through
education
• Help people understand where the risks lie, what
they can do to minimise them, and why it is
important
2. Five steps for managing if you are hacked
Step 1. Regain control by resetting
passwords
• Change the password on the account (to
something harder to hack)
• If the hackers have changed the password, reset
it using the forgotten password link on the site
– At the same time change the password of the account
administrator’s email address as this may have been hacked too
• If the hackers have locked you out of your
account contact the social platform directly:
– Search [platform name] AND hacked OR compromised to find
the right page
Step 2. Protect your other platforms
• Now check all your other social media platforms
and ensure they have not been hacked as well
• If they are safe check that they have a secure
password and that this is different from the
passwords on your other social media sites
Step 3. Get back to normal
• Get your social media accounts back to the state
they were in before the hacking incident
• Delete unwanted content
– Delete any content sent out without your authorisation
• This doesn’t guarantee it will disappear completely and for
ever as other people may have saved or shared it
• Check your account settings
– Make sure there aren’t any nasty surprises waiting for you
• Have any automated responses been altered?
• Does your profile contain strange links?
• Have any Twitter lists been tampered with?
• Do you have some unexpected new “friends”?
Step 4. Let people know
• Tell your audience
– Post messages to followers apologising for any offence caused
• Pay to promote these messages if the hack was serious
– Put a message on your website and any other content such as
blogs and social media profiles
• Tell your employees
– Reassure them and tell them what to do and say if they are
asked about the crisis by friends or peers
• Tell the media
– Especially if the breach is potentially damaging you will want to
make sure the media have your version of events
Step 5. Review your security
• Review security to reduce the risk of anything
similar happening again
– Ensure that you have followed the advice in the first part of this
presentation
• Review any applications that have access to
your accounts; remove any you don’t recognize
• Run a virus scan on devices that have accessed
your accounts including mobile devices
• If available, set up “2-factor authentication”
(unless you have Single Sign On software)
• Make sure employees are properly educated
