Skip to main content

The potential of social networks as part of our advertising strategy is every day greater, and it is for this reason that in recent years they have become a consistent target of attacks, with the aim of obtaining information or extorting money from target companies. .

While it is true that different social media companies have worked to almost completely eliminate these vulnerabilities, at the end of the day this security will depend on the proper use we make of these platforms.

That is why today we share with you the main privacy and security practices to keep your accounts out of harm’s way.


First of all, create a social media security policy. This will contain the guidelines on how your employees should use social networks in a responsible way, how to protect themselves from security threats, legal problems and treatment of public relations.

Your policies should include:

  • Definition of vocabulary and brand identity to be projected by making use of official accounts.

  • Rules of confidentiality and personal use of social networks.

  • Rules related to confidentiality and copyright.

  • Rules on how to create an effective password and how often to change them.

  • Guidelines on the software and devices to be used, as well as their timely update when appropriate.

  • Guides that allow you to safely identify and prevent threats, fraud, attacks and scams.

  • Define the personnel in charge of the administration, management and resolution of security and technical problems.

Our policies must evolve as new security measures and new threats emerge. It is advisable to have a minimum quarterly review of the state of our networks. Yes, that fast, or even earlier, changes can be generated in the security tools and policies of the same social platforms.

Privacy settings

Check that your privacy settings are aligned with your data policy. Use strong passwords, preferably with combinations of uppercase, lowercase, numbers, and symbols. Renew them periodically and store them with due care so that you can refer to them again in any eventuality.

Access and roles

Limit access to official accounts. The truth is that your employees are more likely to cause security breaches than hackers. Limiting access to official accounts to only the right trained personnel is one of the best ways to keep them out of harm’s way.

There must be a responsible person in each of your accounts, and although your social media project may include teams of several people in charge of the different aspects of account management, such as content creation, service or the application of ads , the truth is that not everyone needs access to all the functions of an account.

Most, if not all of the major social media platforms, such as Facebook, Instagram, Twitter, and YouTube, help us maintain these control mechanisms by assigning privileges and roles to the various users with access to our accounts. .

Most common security threats

Phishing attacks. These target specific people with the intention of stealing your data. Criminals usually pose as trusted persons, requesting information or sharing infected links through messages and emails.

Malware or virus. Trojan viruses and keyloggers can be used to compromise our information and therefore access to our social accounts. These can come from malicious links, unsafe websites, plugins, and other infected devices. The easiest way to avoid them is to maintain healthy browsing habits and judgment when checking our mail and messaging accounts.

Avoid clicking on short links and especially on spam.

Brute Force attacks. One of the oldest and most used, consists of trying different passwords to try to access through commonly used basic keywords.

In case of identifying any intrusion, notify the social network, change your password and make the corresponding report within the platform.

Human error

Pay attention to your own posts and make sure only pre-planned and authorized content gets published. Monitor your channels and participate in social listening.

Doing this helps us avoid, or correct in time in less ideal cases with errors, unauthorized, or clearly malicious.

Maintain a good relationship with your employees. Curiously, the main statistical source of leaks and security breaches as a result of dissatisfied employees or former employees.

Imposter accounts

We must be aware that there are no impostor accounts that can damage our brand and especially our audience.

Phishing scams use fictitious accounts to mislead people, often requesting personal information about bank accounts and passwords by posing as customer service accounts.

It is also important to check that we are not the ones who are duplicating our accounts and possibly neglecting our audiences.

In the description I leave an article about how duplicate accounts can generate errors and confusion for users who are looking to contact your business.


It is important, once we have our defined guidelines, train all staff on good security practices, not only in networks, but in general digital. Many of the threats usually come from the least apparent places on the web, such as emails and even messages with malicious content. It is a fact to keep in mind.

It is best if our policies are easy to understand and promote the positive participation of all team members in our social media marketing planning.


Conduct regular audits. Periodically check that your computers and devices are free of malware and viruses. Lean on your IT team to learn about new published threats.

Specific protection steps

Two-step security

Enable two-factor or two-factor authentication modes to add an extra layer of protection in case someone steals your password. When using it, the different platforms will ask you in addition to your username and password, to confirm access through a code per call, message or through a device such as your linked Smartphone.

Activating it is very simple and we leave you in the description with specific steps to do it in each of the main platforms through the official links of each of them.

Facebook Instagram


Google YouTube

Login alerts

Enable login alerts. They will notify you by means of a message or email every time you or someone else accesses or tries to access your accounts on a new device or in a suspicious way.

You can check in the description how to activate the alerts according to each platform.

Facebook Instagram


Google YouTube

In this way, and especially with the application of these last two points, your network accounts will be more secure, so that security is not one of your concerns and you can focus on continuing to make your business great.

Cuauhtémoc Fonseca

Cuauhtémoc Fonseca

Soy un profesional de marketing con años de experiencia y habilidades en muchas de las diferentes áreas que conforman la mercadotecnia actual. Trabajo directamente en el desarrollo de estrategias efectivas & soluciones integrales de marketing.

Leave a Reply