4 minute read
7Tips to Secure your Facebook Page
7 Tips to Secure your Facebook Page
Victoria Boyko, Software Development Consultant Sophicity: We put the IT in city
Advertisement
With more than 2 billion monthly users, Facebook is the third most popular website in the world. Because so many people spend time on it, Facebook has become an importantplaceforcitiestocommunicateinformationand help bring people to your city ’s website. City departments often have their own Facebook pages that are individually managed, and those pages can be a fun, easy way to reach out to people.
However, Facebook pages can be plagued with security risksjustlikeyourcity ’swebsiteorsystems.Forexample, imagine a terminated city employee hijacking a city department’sFacebookpageandnotturningcontrolofthe page back over to the city.What would you do?And what could have been done to prevent this situation from happening?
While this situation is bad, we can easily imagine worse scenarios. If someone takes over your page, they can embarrass your city, spread misinformation, and use your page for a different purpose (like political extremism). Thatkindofhijackingcanbeamajorliabilitytoyourcity, and so you need to secure your Facebook pages.
How do you secure a page that’s hosted by Facebook that you don’t have direct control over (like your servers, software,orwebsite)?Herearesevensecuritytipsthatyou can apply today.
1. Follow password best practices.
Password best practices are not only good for Facebook pages. They are applicable to all accounts across all systems and applications. Best practices include: • Using a password on all devices—including smartphones and tablets. • Using passphrases (preferred), but at a minimum using complex passwords. • Using two-factor authentication. For example, to log in you will enter 1) your username/password, followedby2)acodesenttoyourmobiledevice. • Changing passwords regularly. • Not writing passwords down—especially where they are visible to others.
• Not using obvious passwords (such as "password" or "123456"). • Not allowing apps or browsers to cache/save passwords. • Not using the same password across systems, apps, and websites.
2. Change your password today.
Yes, we’re reiterating some of the points above. If you haven’t changed your password in a while or if it’s an incrediblyweakpassword,changeittoday.Plus,changing your password today immediately eliminates risks if other people (ex-employees, hackers, etc.) have stolen your current password.
3. Take advantage of the “Setting Up Extra Security” section of Facebook’s Security and Login settings.
If you go to your Facebook page’s Settings, you will see a tab for Security and Login. Go to that tab and you will see a section called “Setting Up Extra Security. ” Two important features are there that you should use. • Get alerts about unrecognized logins: If an unauthorized user or an authorized user from an unusual location attempts to log in to your Facebook page, then you will receive an alert. In many cases, these alerts will clue you in to a security problem. • Usetwo-factorauthentication:Wementionedthis under our password best practices, but Facebook allows you to easily set this up. A login to your Facebook page will require a user to enter both a password and a code sent to their mobile device.
4. Limit and manage authorized users.
Don’t just create one account and give everyone administrativeaccess.LimitwhousesyourFacebookpage and give them specific roles by: • Going to Settings on your Facebook page. • Going to Page Roles. • Under “Assign a New Page Role, ” you can type in the name or email address of a user and assign them a role such as Editor, Moderator, orAdmin.
Once set up, make sure you manage the list of authorized users and review it regularly. Otherwise, terminated employees or other unauthorized individuals may have access to sensitive information. Eliminate any user who is no longer authorized to make changes to your Facebook page.
5. Apply the above best practices to your email software.
Your Facebook page security will mean nothing if your email security is poor.Acity might create a generic admin email address used by many people to make it easy for them to log into a Facebook page account. Instead, have everyone use individual email addresses and make sure those email addresses are protected by strong password best practices, suspicious activity alerts, and two-factor authentication. Strong email security at your city prevents unauthorized users from accessing your Facebook page.
6. Check the “Where You’re Logged In” section of Facebook’s Security and Login settings.
Make a habit of occasionally checking the “WhereYou ’re Logged In” section of Facebook’s Security and Login settings to see if any suspicious devices are logged into your account. Each user will be identified by the type of device, browser, and location. It’s especially a red flag if someone unknown is logged in from an unusual location such as another country.
7. Use the Verified Badge for Government option.
We’ ve written previously about the benefits of acquiring a Verified Badge for your city ’s Facebook page. It makes your page the official, approved page for your city or city department. As we noted in a previous blog post, with a Verified Badge “ you now have more authority to shut downdamagingorslanderousFacebookpages.Ifsomeone operates a Facebook page that pretends they are your city or if they are misleading people about your city, then it’s easier as the owner of the official, verified version of your city ’s page to work with Facebook to shut down misleadingunofficialsites.Untilyoureceiveyourverified page badge, you may have to work harder to prove to Facebook that another site is unofficial and shouldn’t be representing your city. ” Facebook pages may seem simple because they are so quick to set up, but take them seriously from a security standpoint. In the wrong hands, a hijacked Facebook page can do your city a lot of harm. Apply the tips above in order to secure your Facebook page from hackers and hijackers.
