Ulery offered the following advice for keeping tighter reins on corporate Twitter handles and other social accounts:
6. Partition Work and Personal Social Accounts.
"Insist that social media accounts are completely segregated from personal accounts so social hacking or compromised personal accounts do not put the corporate accounts at risk," Ulery said. Building that wall could help reduce the risk of social missteps, too, such as embarrassing mistakes that can occur when an employee accidentally posts a personal message to a corporate handle.
7. Limit Hardware and Account Access.
"Require that corporate Twitter users access the account only from corporate-managed workstations," Ulery said. The same rule can be applied across any and all corporate social accounts. If you really want to reduce your threat vectors, Ulery recommended taking an extra step -- one that might be tougher for social media mavens to abide: Do not enable mobile phone integration.
In terms of access, Anscombe of AVG stressed the importance of companies treating social media account credentials as sensitive data. Grant access only to select employees who actually need it for their job; the more people who know the password, the greater the potential for breaches. "Everyone in a sense is a potential repeater," Anscombe said.
8. Give IT More Control.
Here's one IT pros might especially appreciate: Give end users less control. In particular, Ulery advised making it harder for employees to reset passwords on corporate social accounts, in part as an extra precaution against external hijacking. "Consider utilizing password reset email addresses that are not accessible by the social media team without IT involvement," Ulery said.
9. Make Social Media Explicit in Security Policies.
Don't assume everyone recognizes the risks associated with social media. Clearly include social media rules in security-related policies. If you've got a high-priority user group for anti-malware updates and other security protocols, include the corporate social media team. Likewise, apply the same password rules used elsewhere in the company to social accounts. And no matter what security safeguards social sites put in place, remember that they're not foolproof.
"Use of two-factor authentication does not relieve corporate security managers from their responsibility to train users on the potential risks of social media security, especially as it relates to the corporate brand's reputation risk," Ulery said.