smallbusiness.co.uk: Helping your business think big

Ross Walker, Head of Small Business at internet security company Symantec, discusses the precautions young companies should take when using social media platforms.

It’s a safe assertion that out of the 200 million global Twitter users, a fair chunk of the UK’s 4.8 million small businesses have already jumped on the social networking bandwagon.

However, whilst businesses are becoming increasingly convinced of the merits of using social networking sites, such for the likes of customer service, sales and recruitment drives, many are still unaware of the huge risks they can pose if they aren’t carefully managed.

When using any social media platform you have to remember there are risks involved and security policies must be agreed and implemented before a business starts to get social. Imagine if someone was to hack into your account and start sending out malicious links to your followers or started to impersonate you. This could cause irrevocable damage to your business. Cybercriminals are always looking for methods to acquire and exploit business information, because the return is often much higher than that of the average consumer.

According to our annual Internet Security Threat Report, which gives a detailed analysis of the internet threat activity over the last year, cybercriminals are increasingly using shortened weblinks to get users to click onto infected websites. The findings show that more and more of these shortened weblinks are being distributed via social networking sites. In 2010, 65 per cent of malicious links in news feeds observed by Symantec used shortened URLs. Of these, 73 per cent were clicked 11 times or more, with 33 per cent receiving between 11 and 50 clicks. This illustrates the scale of the problem – you can’t trust everything you read online and businesses of all sizes must take measures to protect themselves.

Small businesses are well advised to learn from the lessons of their peers. We recently partnered with ex-Dragon’s Den star and leading entrepreneur James Caan to provide UK entrepreneurs with advice on how to manage and protect their information assets. With over 38,600 followers on his @jamescaan Twitter account, James is a huge social media advocate. However, the issue of security trumped his agenda when one of his social media profiles was hacked a few years back. He quickly took steps to protect his information and always advises businesses to do the same.

Social media strategies require planning and time to ensure the right foundations are in place. Done correctly the return on investment can be huge, and the risks can be negated before you start. To get your small business on the right track, here are some really helpful tips on how to keep your customer information and business reputation safe whilst making the most of social media:

1. Proceed with caution

Talk to employees and create a plan that can be rolled out in the event of your account getting hacked. This could include instructing employees to immediately change the account password, notify the network of what has happened, and explain that actions are being taken to resolve the situation.

2. Don’t accept links from strangers

Tell employees to be conscientious about who is being added to the company’s social network and make sure that employees know not to click on links from unfamiliar followers. Shortened links can contain traps to malware and infect your computer system if opened. Care should also be taken when posting or re-posting links.

3. Assign a ringleader

Appoint one person to monitor and manage the company’s use of each social media tool. They can act as the gate keeper and manage who and how many people need account access.

4. Decide between guidelines and policies

Avoid uncomfortable situations where employees talk about their work online by educating them correctly on the official company social media policy. Guidelines provide a level of direction, while policies help protect the company more by providing a level of accountability in case the company reputation and credibility is put at risk.

5. Regularly update your passwords

The passwords you create should be strong (eight characters or more made up of a combination of letters, numbers and symbols) and regularly changed so that there is no risk to the business when employees leave. If you do need to keep a copy of your passwords somewhere then ensure they are kept in a safe, secure place that only a few people are informed of.