IMAGE: Kellyanne Conway on June 13, 2019. SOURCE: Mandel Ngan / AFP via Getty Images
It’s clear the world did not respond well to Conway’s comments when she used the term “alternative facts”. A quick google search reveals many memes and articles from hundreds of sources. It’s what happened next and the possible impact this could have on your business, that I want to focus on in this blog post.
- You’re brand can be hijacked by anyone across social properties. Twitter and Facebook appear to have little interest in helping you.
- If you don’t use 3rd party applications to access your social sites, you have little ability to control access.
Hijacking your brand
Anyone can create a social property, upload a logo of their own creation and call it just about anything they want. The perfect case in point are the various U.S. government agencies who have done this over the past week e.g. #altnatparkser.
Twitter has an Impersonation policy stating:
Impersonation is a violation of the Twitter Rules. Twitter accounts portraying another person in a confusing or deceptive manner may be permanently suspended under the Twitter impersonation policy.
As of 10:00am AEDT Sunday 29th January, 2017 the screen grab below shows the altnatparkser Twitter page. You will notice the logo says “established 2017”.
In his recent Forbes article, Leetaru looks at the commercial impact of copyright, Twitter not really doing much to stop it and the impact these rouge accounts can have on a business or government departments or agencies.
Putting this all together, it is a fascinating reflection of the social media era that a handful of government employees, united in their disagreement with new official government policies, could simply spin up a set of “resistance” social media accounts sharing the logo and similar name of their agencies’ official accounts and begin to live tweet as an “alternative” spokesperson for major US Government agencies.*
*SOURCE: Forbes.com “What The ‘Rogue’ EPA, NPS and NASA Twitter Accounts Teach Us About The Future Of Social” Kalev Leetaru, Contributor.
The following is taken from the above mentioned Forbes article and provides an update on specific Twitter accounts. Note however, Twitter does not appear to have done anything, it’s the administrators of the accounts who have acknowledged they need to make some changes e.g. the Alternative US National Park Service is seeking input from followers for the creation of an alternative logo.
UPDATE (1/26/2017 9:08AM EST): The EPA responded by email earlier this morning to state the use of the EPA logo by @ActualEPAFacts was unauthorized and that the matter has been forwarded to “EPA’s Office of General Counsel for further action.” @ActualEPAFacts has changed their logo, as has @RogueNASA, while @AltNatParkSer acknowledged that its use of the NPS logo could result in “criminal prosecution” and requested users help it design a new one. @RogueNASA referenced the possibility of Hatch Act violations in announcing that it has handed control of its account to non-US Government personnel, while @AltUSNatParkSer also announced this morning that it was doing the same. It has also been noted that there is a blanket ban on the use of US Government agency trademarks and logos on social media pages.
Who has access to your social properties?
For most companies and community organisations, you will have a range of social media properties, for example:
- Facebook Group/s
- Facebook Page/s
- Linkedin Company Page
- Twitter Account/s
- Reddit Account/s
The list could go on forever. Who has access to the administration area of these properties? Or, do you use a third party application like Oracle Social Relationship Management, HubSpot, Hootsuite etc?
Why 3rd party platforms?
The 3rd party platforms I mentioned above provided a very secure gateway to the admin functions of your social properties. They consolidate access to them via a single login and password which has it’s own levels of security built in.
For example, you may have contributors or authors who generate content, this content is submitted for approval. Once approved it can then be scheduled and posted automatically to the respective social site or sites. It eliminates the need to login into many e.g. Facebook pages to post one promotion or update. You can do it once from the 3rd party platform to many e.g. Facebook Pages.
If you’re not using one of these third party applications, or something like them, there’s a risk your brand could be hijacked by a rouge employee.
A warning from experience
I had a client go through this recently where a rouge employee took control of one of their social properties by removing all other administrators. It took several months of communication with the social property provider, forwarding extensive documentation about the business, their ownership of the business etc before their administrator level access was restored and the rouge employee removed.
Facebook and Twitter make it very difficult to contact them, there’s no phone number to call and the advice I received from my client was that there’s no specific person you talk to, it’s a very anonymous process.
My top 5 tips to help improve your Digital security
- You need to understand the various levels of access provided by Facebook, Twitter, Instagram etc. The same applies to your website. If you’re the owner of the business and you don’t have the highest level of access across your digital properties, you need to change that situation immediately.
- You should enforce a password update process. This should include the changing of passwords at least every 90 days. If your password to any of the accounts is “password”, you have no one to blame but yourself for any hacking etc.
- Depending on the size of your organisation and the number of social properties you use, you should explore solutions like Oracle Social Relationship Management, Hootsuite etc.