Security Best Practices for Social Media Users

Users of popular social media sites may not realize the potential risks to which they expose themselves while using and participating in social networking.

Most users develop a “dangerous level of assumed trust” with other users of these sites, regardless of whether or not they have actually verified their identities.

This is why it is a good idea for businesses to be aware of security best practices for social media users. Put in place employee social media policies to protect not only employees but also your company.


  • Don’t be a password sloth – Using the same password for multiple sites or accounts is lazy, and it can give an attacker who has hacked your Twitter account potential access to your banking information.
  • Don’t give away too much information – Telling your social networks that you’re going out of town for vacation, or sharing your current location, birthday, place of birth, and family tree, gives away details that could be used against you for identity theft or that could put your family or belongings in danger.
  • Don’t engage in “tweet rage” or posting rage – Think about your personal brand as well as your company’s brand before ever posting out of anger.
  • Think twice before posting work-related posts – In 2009, the FTC guidelines stated that statements made by employees on social networking sites, blogs, and other sites may impose liability on businesses.
  • Be wary of scams – Refrain from sharing information you shouldn’t (passwords, sensitive data, company secrets) and from clicking on links you shouldn’t (malware). Scammers use approaches such as the following to trick you out of information:
    • Secret celebrity gossip
    • 419 scam – They hack a friend’s account, pose as them, and ask for money.
    • “Lol! Did you see this picture of you?” – Phishing with a question that piques the user’s interest, and then directs them to a fake log-in screen.
    • Quizzes and polls
    • Tweet for cash
    • Fake online groups that you join without verifying the authenticity and validity of the group and the individuals running it.
    • Bad links that relate to news headlines.
  • Don’t over-share company activities – This can leak information to competitors.
  • Be wary of downloading mobile apps that may contain malicious software.
  • Be aware of social engineering tactics.
  • Be careful when mixing personal with professional – Your “friends” include business associates, family members, and friends.
  • Do not add connections just for the sake of accumulating as many connections as possible – Always verify the person who wants to get in contact with you.
  • Avoid being “click happy,” especially on Facebook – This means clicking on every link that your friends post or every invite from someone you don’t know.

In today’s society, we are constantly sharing information, sometimes too much. Keep these social media security best practices in mind before posting your next Tweet.

Contact Sarah Morris at for more information on protecting yourself online and warding off potential cybersecurity threats.


Sarah Morris is the Managing Editor at KirkpatrickPrice, a valued partner of AIS Network. She is certified in General Information Security Fundamentals (GIAC GISF) and specializes in keeping organizations up to date on information security and regulatory compliance by being a thought leader and developing valuable content that revolves around industry trends and best practices.