How to Keep Your Online Social Network Safe
Join us at Entrepreneur magazine's Growth Conference, Dec. 15 in Long Beach, Calif. for a day of fresh ideas, business mentoring and networking. Register here for exclusive pricing, available only for a limited time.
Fraudulent or annoying content on your company's social network can undermine customer trust and ultimately hurt your business.
Such content runs the gamut from automatically generated mass emails trying to sell something to carefully crafted cons intended to swindle users out of money. To prevent spam and scams from infecting your social network and harming your reputation, consider these five tips to help keep your users safe:
1. Require extra verification from users. When spammers attempt to reach as many people as possible, they often develop programs that create multiple fake users on social networks. But if there's an extra level of verification in the process to create a user profile or to log in, a spammer's program will fail, says Kevin Cardwell, master trainer for the International Council of E-Commerce Consultants. For example, a user might see an image of a house and have to identify it to log in. Another popular type of verification, which is called CAPTCHA, requires users to type the letters and numbers shown in a graphic script. Individuals can easily complete these verification tests, Cardwell says, but it is "harder to write automatic tools to do that.”
Your IT team should be sure to insert these extra layers of verification. Alternatively, if an entrepreneur is purchasing an application to develop a website, security features should be included, Cardwell says. Some Internet security companies, such as DeepnetSecurity, also can help business owners add additional layers of verification to the login process. Prices for such software vary, but DeepnetSecurity offers price quotes on its site.
2. Install a web application firewall. A firewall protects users by preventing hackers from compromising the site. While there is virtually no way to completely eliminate problems, a firewall "is going to mitigate the risk and make it harder" for a hacker to get into your site, says Cardwell. "Usually, they will go to someone who is not protected by a web application firewall" in the same way that a burglar alarm deters thieves. Cardwell recommends ModSecurity and WebKnight, which are free, as well as Profense, which costs $2,995 and includes one year of technical support and upgrades.
3. Identify risky devices. Every digital device has a unique Internet Protocol address, or IP. If you find hundreds of posts or profiles from the same IP address within a short period of time, that's a good sign the user is fraudulent. Spammers often rely on quantity: If they send out enough emails or set up enough fake profiles, they figure somebody will bite. David Evans, the online editor of Online Dating Insider, a blog covering the business of online dating, recommends monitoring what device users are logging in with using a company called iovation. Iovation has a database of more than 800 million unique devices and can identify those that have been involved in risky activity. The cost to use iovation depends on the industry and transaction volume.
Two other online security companies that Evans recommends are MaxMind and Subuno. MaxMind charges a product license fee that runs $15 to $370, plus a monthly update fee that ranges from $3 to $90, depending on the type of database. Subuno charges between $19 and $249 a month, based on the number of transactions.
4. Scan your site for links. Hackers or spammers will post responses to online conversations by directing customers to another site. An entrepreneur should be wary of a comment along the lines of, "Oh, what you said here is very interesting, take a look at this link that says something that is similar," says Jules Polonetsky, director and co-chair of the Future of Privacy Forum, a Washington, D.C.-based think tank, and former chief privacy officer at AOL. Typically, the link will take a user either to a site where a spammer is selling something or to an infected site that will compromise the user's computer or steal personal information.
5. Empower your customers. "An owner of a small business can't be everywhere," says Polonetsky. "It is the other posters [to your website] who are there day-to-day who can be the best eyes and ears." So you want to give your users a way to flag inappropriate behavior. Popular sites like Facebook and YouTube have clickable icons for reporting spam or other inappropriate content, Polonetsky says. "Responding to your active members and making it very clear that you want to hear and that you will react to what they raise helps deputize every one of them."
Corrections & Amplifications: The name of the online security company Subuno was incorrectly spelled in an earlier version of this article.