Social Media Security Lessons From the U.S. Army
The risks are too high for the U.S. Army not to take social media security seriously. To avoid classified information leaks and off-the-cuff comments that could jeopardize missions -- and even lives -- the Army created a 52-page handbook that details what is and isn't safe for soldiers and civilian personnel to post about online. The most recent version was published earlier this year.
Have you trained your employees on what they can and can't say about your business on their -- and your company's -- Facebook, Twitter, LinkedIn and other social media accounts? If not, you could be putting your business at risk for the spread of misinformation, leaked memos and competitive secrets and other potential public relations nightmares.
"It's easy to get complacent, especially within the context of casual online conversations," says Lt. Col. Vinston L. Porter, Jr., director of the Army's Online and Social Media Division. "It's ever more important to emphasize safe social media practices and to re-emphasize them often."
Here are three lessons from the Army that you can share with your employees when establishing social media safety and privacy guidelines for your small business:
1. Provide specific examples of what is and isn't okay to post about.
The Army provides soldiers with detailed examples of potentially dangerous social media posts and how they can be made safer and less revealing. For example, a post that reads "My Soldier is in XYZ at abc camp in abc city, Afghanistan," isn't safe, according to the Army's handbook. However, posting a more general version instead, such as, "My soldier is deployed to Afghanistan," is officially considered safer.
Similarly, you can make certain topics off limits for your employees over social media. These might include anything related to litigation, non-published financial data or unreleased product information.
Related: 4 Things You Need to be Doing on Social Media -- Now
2. Think about the competition before posting.
Soldiers in the Army are asked to stop and think of what might happen if a post -- whether a comment, geotag, photo or video -- ends up in the hands of the enemy. Could a careless post or GPS check-in compromise a mission, or their personal safety or the safety of their unit or family? If so, the choice is simple -- don't post it.
For employees, the question to ask before posting something is, "What could a competitor, an unhappy customer or a disgruntled former employee do with this information?" If your business manufactures consumer electronics or medical devices, for example, remind your staff often of the implications of releasing or discussing confidential product specs and images on their personal social media accounts and blogs.
3. Get serious about training social media personnel.
Soldiers who are in charge of public social media accounts that officially represent the Army are required to regularly undergo exhaustive Operations Security training courses.
Once you've designated an employee or contractor to maintain your company's social media accounts, thoroughly train him or her on your social media strategy as well as your social media conduct standards -- both for posting and commenting. This way, it's crystal clear what you expect when posting on your organization's behalf.
Related: 3 Essential Things to Teach Employees About Tech Security