Category Archives: Twitter

Making Social Media Secure

Making Social Media Secure
By Devin Redmond

As social media hacks continue to increase, the Internet buzz about how best to protect social accounts has also grown louder. As big brands like the Associated Press and others are hacked, loads of vendors and “experts” have started espousing processes and promoting technologies to secure social media accounts and prevent hacks. Yet there is no silver bullet: making your social media secure and protecting your brand requires a multitude of technologies and processes, some of which we’ll explore here.



Two-factor Authentication for Twitter

Last year, Twitter released two-factor authentication to increase user and account level security. Its two-factor technology requires the account password and a code sent to your phone.

Unfortunately, Twitter’s two-factor authentication isn’t scalable for accounts with more than one admin (i.e., any large brand) and doesn’t stop unauthorized tweets from applications. Additionally, if a user logs in with two-factor from a computer infected with malware, the hacker can pass tweets through the properly authenticated session.

So, although two-factor is a great way to prevent hackers from simply guessing your password, it’s not going to stop any of the more capable hackers, nor will it work on an active, brand owned account.

Physical Controls

To complement its two-factor authentication system, Twitter also issued a set of recommendations for social media marketers, including dedicating one computer just for Twitter publishing.

In reality, social media teams generally consist of multiple people across various departments and locations, so it’s not practical to only publish content from a single terminal, especially given the mobility of today’s employees and the need to interact with followers in real time – a key tenet of social media.

Physical controls do play an important role in social media security. Strong passwords, encryption, remote wipe, etc. are all important safeguards to ensure that unauthorized personnel don’t steal or gain access to trusted devices that have the capability (e.g., stored credentials) to access your social media accounts.

Content Moderation

Many organizations review and moderate content to block spam and offensive, abusive, and potentially regulated content. As social has become more and more ingrained as a means of communication within both everyday life and marketing strategy, content – both good and bad – has increased, and effective manual moderation has become essentially impossible.

Automated spam and malicious content removal tools are extraordinarily helpful technologies for combating the problem of content overload and removing inappropriate, offensive, or unwanted material from an account.  Although this doesn’t prevent the hack, it helps mitigate the impact and provides a quick remedy.

Profile Locking

Profile locks create a snapshot of your approved account profile – your correct logo, description, website, etc. – and regularly scan your profile for changes. If changes are made – by a hacker or a mistaken employee – profile locks will automatically alert you and can revert any subsequent posts and activity.

Publishing Tools

A common industry practice is to use publishing tools as a control mechanism for workflow and compliance. While these reduce the number of people with direct access to the account, they won’t actually catch or stop an account hack.

Publishing tools are a great way to make sure only authorized content gets distributed from authorized users. However, they only work if and when people use them correctly , and, more often than not, employees bypass them for convenience. Furthermore, there are cases where the credentials for publishing tools have been compromised and accounts were abused via the approved publisher.

So, although publishing apps are important and necessary, they have a very limited scope when it comes to security, and neither directly nor effectively stop hacks or other kinds of abuse of your social media accounts.

Application Controls

Do you know how many applications are authorized to publish to your accounts? Chances are there are quite a few, since you likely have multiple admins, each with their own authorized applications.

Social media application controls connect into your accounts to inventory and regulate which applications can access and publish on your behalf. Application controls, for example, can ensure that only a single application or explicitly approved set of publishing tools can push content to your social media accounts. In addition to helping you ensure compliant publishing, reduce blunders, and improve publishing ROI, they also ratchet down the attack surface to prevent attackers from bypassing your security controls, greatly reducing your risk profile.

Application controls aren’t the end all to social media security. If, for example, the only allowed publishing application is a web browser, then the browser itself is still a viable attack vector for hackers. But, if you combine your application controls with one or more of the aforementioned technologies/strategies, then your security increases exponentially.

Building a Secure Social Architecture

There is no perfect solution for securing your social media assets to effectively ward off hackers and prevent abuse. However, choosing a careful combination of technologies and strategies, such as the ones listed above, will give you the most effective defense against social media hacks and mistakes.

Devin Redmond is the CEO at Nexgate, a leading provider of social media security and compliance technology for enterprise brands.

Your Social Campaign Needs 1000x Followers

Your Social Campaign Needs 1000x Followers
By Chris Abraham

Very few people hang on your every word. Everything that comes out of Ellen’s mouth is duly noted. Same thing with Bieber, Gaga, and Katy. But if you’re reading this, there’s a good chance you’ll need to speak up, maybe repeat yourself, and be more persistent than the Earth’s top celebs or our most hallowed social media motivational speakers.

Yes, we might be heroes to a few people in our lives — our moms, namely, and maybe our dads, partners, children, if we’re lucky, and maybe a couple few people who either have deep crushes or are gunning for our jobs.

Don’t worry.

Just because you were BMOC or BWOC in high school or college doesn’t much matter in social. Actually, being a big muckety muck right now, no matter how much you’re worth or how much your local paper adores you, doesn’t guarantee social media celebrity.

So, there are three strategies that you’ll need to pursue if you’re interested in harvesting some ROI from your social media marketing campaign, be it in the form of content marketing, digital PR, or using social as part of a multichannel sales strategy — and I will only go into two of them in this post. If you don’t have any followers, speaking about activation and conversion is stupid: convert who, right?

You need more followers

You need more followers!

The more followers you have, the more likely that there will be someone paying attention to your messaging when you share your content, your announcement, your promotion.

It also heightens the probability of someone sharing, re-sharing, or actually clicking through to your content or your brand. A secondary benefit is that people respect numbers, no matter how authentic or real or true these followers are.

It’s a sad truth.

And finally, you can’t build a following unless you have a following. It’s very difficult to grow your followership with only the right people if you’re also not willing to collect everyone else. I am not going into how to do this right now (we’ll save that for another article), but you need more followers by hook or by crook — even, alas, if you need to buy them (if it comes to that). It’s easier to get rid of spammy followers than it is to develop a real following. I call it a social media bootcamp.

You need to work on things that are kind of inconsquential, but seem to be important to people: follower numbers (be it Twitter or Facebook) and your Klout score. The too cool for school crowd is preparing hateful comments right now, but it’s true: Klout scores and pure number of followers matter.

I mean, according to SocialBaker’s Fake Followers app, my President, Barack Obama, only has 46% “real” followers on Twitter. 35% of his followers are “fake” and 19% are what are called “inactive.” All that follower buying and yet the President of the US is still the number four most followed Twitter handle on the planet, right?

So, even though follow back schemes, Twitter’s promoted “who to follow” list, and full on buying hundred, thousands, hundred of thousands, or even millions of Twitter followers, cash-on-the-barrel. You need to start somewhere.

I guess when it comes to Twitter at least, and also Facebook and Pinterest, fake it ’til you make it seems to be a pretty great way to kickstart your Twitter empire. How else can you explain the shadow-obsession with applications like TweetAdder and Twiends?

I hate to say it here, but when it comes to celebrity, the more popular you become the more popular you are, and the more popular you become. When it comes to celebrity however, you cannot choose who adores you. Who even knows how much of all that is real grass root obsession or is the combined simulacrum of a dozen agencies and publicists?

Me? I think over the course of the last seven years that I have been on Twitter, I have tried loads of things. I am sure I bought Twitter followers at a time when I found a good source through my team whenever my team bought Twitter followers for clients and all that.

That said, I am lean: of all my followers on Twitter, only 1% are fake, 1% are inactive, and 98% are good — but it isn’t always that way. I spend a lot of time trimming, mowing, and pruning my own Twitter lawn. Tweetscaping, I guess I would call it.

OK, now that I have burnt all of my bridges and told you a little too much, and now that I will probably be drummed out of the Twitterati by everyone except possibly Robert Scoble and Guy Kawasaki (my shameless Patron Saints of Twitter), let me continue.

You need the right followers

I guarantee you that you’re much more likely to attract the right people once you have a certain amount of gravitas, and online that gravitas is defined by: who you are, of course; who you work for; what you’ve done; what you say; who you’re associated with (those are the old reliable); but also how many followers you have, the ratio of number of followers to number you follow (you need way more people following you than you follow to be a cool kid), your Klout score, and simple things like your bio, if you have a profile photo, if you have a nice background image, or if you’ve been on Twitter for a long time.

We people are a little like chickens: if a couple hens are really into a particular rooster, then all the hens will be into him.

And, if you spend all the hard work in finding the right people to follow, you can’t make any of these “right people” follow you back, can you? You can surely ask, implore, and demand, but you cannot make them.

I guess, at the end of the day, we’re simple creatures — and very superficial at that.

You need to be interesting, popular, successful, relevant, powerful, connected or influential enough to make that follow back worthwhile, especially when people want to keep their ratio as “cool” as possible by only following back high Klout, high influence, and high caste individuals (thereby benefiting from the friend and Klout association — what a racket).

To quote Tony Montana: “In this country, you gotta make the money first. Then when you get the money, you get the power. Then when you get the power, then you get the women.” And, the corollary, “On social media, first you get the followers, then you get the influence, then you get the business.”

Follow me

Chris Abraham

Principal Consultant at Gerri Corp.
Chris Abraham is a leading expert in digital, including online reputation management (ORM), Internet privacy, social media marketing and digital PR with a focus on blogger outreach, blogger engagement and Internet crisis response.
Follow me

Latest posts by Chris Abraham (see all)