Social Media Practices for Businesses

Social Media Practices for Businesses


In a world driven by the internet, social media has become an essential element of business reality; almost every company uses Social Networks to expand its online presence and reach potential and existing client.

But, like for every internet-connected technology, Social Networks can pose risks for your company both in terms of cyber security and brand reputation; this is why every business should have a clear and ad-hoc written social media policy.

Let’s have a look at some good practices to mitigate the risk of Social Media use:

1. First, are you sure that your business social media accounts have not already been compromised?

How could that have happened?

  • The email and/or the password you use to log into your social accounts could have been leaked and be therefore unsafe.
  • Someone could have created a fake account using your company’ name and brand, claiming to be you: this could put both your existing and potential clients at risk
  • Are your employees talking about the company online? If your employees (both existing and former) mention your business in negative terms and/or disclose sensitive information, this could damage your reputation.

2 .Your business should have a clear and straight forward social media policy: this is the first step to minimise the risk.

A Social Media policy should include everything, from what’s allowed and not on your official accounts, to the strength of the passwords.

What should a Social Media Policy include?

  • Brand guidelines for appropriate employee’s behaviour on social media, especially when mentioning the company they work for. In this case there should be directives on how to talk about the company and its services/products, how to engage in conversations mentioning your brand and what information are considered confidential and therefore are not supposed to be shared.
  • Address legal risks and make sure your employees understand them:
    • When posting, if the content has been borrowed or copied from an external source, there should be a clear crediting and a previous research to make sure images or content are not copyright protected
    • When employees are commenting on public content somehow related to the business, and are identifying themselves as employees while doing so, their comment should be accompanied by a disclaimer; a typical disclaimers usually looks like this: “Opinions are my own and not the views of my employer”
  • Password policy – strong and different passwords must be used for each social media account and should never be shared.
  • What content is approved and what is not
  • Administration rights and access based on role – employees access to the company’s social accounts should be restricted to those who have responsibility for them
  • How to proceed and mitigate a breach or a hack
  • Reporting procedure – if a member of staff becomes aware of issues with the social media accounts such as an account has been hacked or that inappropriate content is being posted the policy must clearly explain how to report these issues.

3. Make sure your employees are trained for a safe use of Social Media.  Social Media training should also be recurrent and not a one time off.

4. Give your employees a Cyber Awareness training, this will prepare them into recognising any threat and into adopting a safe behaviour not only on social media but in general: remember, your staff is your first layer of defence!

5. Perform a regular audit and monitor your Social Media channels: this simple task will allow you to spot and mitigate threats and promptly react to any of them. Think about putting someone in charge of this task, sometimes is better to have one person monitoring, as they will be able to have a more exhaustive view of the situation.


At CF Systems we provide a range of services that help clients devise effective policies that make their internal practices and data more secure from the threat from within. We also deliver the infrastructure and training that enable companies to have tailored security solutions, designed specifically for their business needs.

To find out more, please contact us on 01209 340030 or email us at