The Cybersecurity and Infrastructure Security Agency has introduced new guidance providing ways to ensure the security of social media accounts operated by organizations.
The measures outlined in the Capacity Enhancement Guide seek to reduce the risk of unauthorized access on Facebook, Instagram, Twitter and other social media platforms, CISA said Thursday.
CISA recommends that organizations’ administrators of social media accounts take several measures to protect accounts from unauthorized access.
These include establishing and maintaining a social media policy; implementing credential management; enforcing multifactor authentication; managing account privacy settings; using trusted devices; vetting third-party vendors; maintaining situational awareness of cybersecurity; and developing an incident response plan.
To enforce credential management, CISA calls on organizations to limit the number of employees that can access the organization’s social media accounts, use a corporate account feature if the platform offers it and safeguard email accounts connected to the social media accounts.