A woman stands at a counter in a restaurant and looks at the screen of an open laptop. The woman has long, wavy blonde hair, and she wears a black apron over a denim shirt. The restaurant in the background is out-of-focus and empty. Its walls are exposed brick and spherical lights hang from the ceiling.
Strong passwords are a must for protecting your business's social media accounts. If you struggle to remember passwords, use an online password manager or a physical logbook. — Getty Images/M_a_y_a

In 2021, more than 50% of businesses experienced at least one cyberattack initiated through social media. Small businesses are a frequent target of cyberattacks, and social media may be one area in which your company’s data is vulnerable. Keep your social media accounts secure by following these best practices.

Set secure passwords

Strong, unique passwords are the first step to protecting your social media accounts from being hacked. Many people simply use the same password for every social media channel. This is a mistake; once a hacker has that password, they can steal your data from virtually every platform. If you struggle to remember passwords, use a password manager like 1Password or Dashlane. Make sure you update your passwords regularly and remind your employees to do the same.

Use multifactor authentication

Multifactor authentication (MFA) requires users to provide two or more verification factors to log into a social media account. Rather than simply logging on with a username and password, MFA would require a password and a fingerprint, a facial scan, a one-time passcode, or all of the above. Facebook, Twitter, LinkedIn, and Instagram all offer ways to enable two-factor or multifactor authentication.

Only authorize known third-party tools

Social media scheduling platforms and other applications will ask for access to your account when you sign up to use them. Some of these tools genuinely need access to work. Others are less legitimate; it’s these applications you should watch out for. Login to all of your social media accounts and see what applications you are currently allowing to access your profiles.

“If you don’t check your list of authorized applications and remove it, that app still has access. The app could use its access to gather data about you without your permission,” said How-To Geek. “The app could be sold to new owners who want to use the app to make a quick buck — like how popular Chrome extensions are sold to advertisers who pack them full of adware.”

Limiting the social media responsibility to just a few members ensures better security from outside attacks.

Visual Edge IT

The process of removing third-party apps you no longer use can be time-consuming. You’ll need to visit a specific page on each social media site to check your list of connected services. Once you find that page, it only takes a few clicks to revoke access to any third-party tools you don’t recognize or use.

[Read more: How to Communicate a Data Breach to Customers]

Limit user access

Unfortunately, user error accounts for a big portion of security breaches. “Insider threats” — actions from a company’s employees that compromise cybersecurity — cost organizations an average of $4.58 million per year. Actively managing who can access and use your social media channels is an easy way to mitigate this risk.

“When access is too broad it can lead to mismanagement and confusion making your account more vulnerable to hackers. Limiting the social media responsibility to just a few members ensures better security from outside attacks,” wrote Visual Edge IT.

Follow the principle of least privilege when assigning levels of access to your team. Users should have the minimum level of access needed to perform their job.

[Read more: Security Guide: Keeping Your Business Safe Online and Off]

Say no to unknown friend requests

Fake accounts are everywhere, and unfortunately, many of them are used to conduct phishing scams against unwitting social media users. McAfee reports that, in Q3 of 2021 alone, Facebook took action on 1.8 billion fake accounts. These accounts are used to gather information on users, spread false information, or track your employees. Business profiles are there for a reason; your customers can follow your company there. Keep your personal profiles private, and be wary about strangers requesting to follow you.

CO— aims to bring you inspiration from leading respected experts. However, before making any business decision, you should consult a professional who can advise you based on your individual situation.

Applications are open for the CO—100! Now is your chance to join an exclusive group of outstanding small businesses. Share your story with us — apply today.

CO—is committed to helping you start, run and grow your small business. Learn more about the benefits of small business membership in the U.S. Chamber of Commerce, here.

Connect with vendors who can meet your needs

Answer a few questions to tell us more about what you're looking for, and we'll help you reach vendors who can provide you with more information, pricing, and products.