First published on CloudBlogs on Feb 19, 2015
Social media has become one of the best ways for companies to reach out and connect with customers. Restaurants use it to share specials and events. Police departments use it to quickly spread the word about missing children or urgent updates in dangerous situations. Big corporations use it as a platform for promotions and marketing campaigns. The ease of use is a huge advantage to those wishing to reach a vast audience instantaneously.
But as we know all too well, social media is vulnerable and a common target for hackers. These attacks are sometimes amusing and innocuous, but they can also be incredibly damaging to a company’s reputation. Oftentimes these hacking groups aren’t just looking to cause mischief; the attacks are quite malicious. Your company needs to consider how secure it is against these types of attacks.
Sometimes though, the threat doesn’t come from outside the company.
The Inside Man
More often than not, the people who hack Twitter accounts are company employees (or ex-employees). Sometimes they are disgruntled employees deliberately defacing their previous employers. In other situations, employees genuinely slip up and believe they are posting to their personal account.
Now, how can you avoid this type of disaster?
The Wrong Way
As we’ve seen, many companies do not have systems in place to handle these situations. Handing out passwords for your social media accounts is a recipe for disaster. When was the last time your account password was changed? How many employees have left the team since then? There is no barrier between them and your potential misfortune.
The Right Way
With Azure Active Directory Premium, instead of handing out passwords, you can grant your employees access to your company’s enterprise Twitter application by using the shared account model: one or more Twitter - or other app - accounts can be assigned to a group of users. All current and future members of this group will have access to the application. Once you grant them access, the application icon will appear in their single sign-on portal or mobile app, and they can log on and use it with their work account credentials, the same ones they use for their business applications. If an employee tries to access the corporate Twitter account outside of this sign-on portal, they will be unable to do so because they don’t have the actual Twitter password. Once an employee’s access to the portal or application is revoked, they will no longer have access to your corporate Twitter account. Now you don’t have to change your company’s password every time an employee leaves the social media team.
The application can additionally be secured with Multi-Factor Authentication, either for all users or based on location and other conditions. Imagine a hacker has somehow gained access to an employee’s work credentials and logs into the portal. If you have Multi-Factor Authentication enabled, the hacker will still be unable to infiltrate your accounts.
To learn more about the capabilities that Azure Active Directory Premium provides to keep your corporate data secure, head over to the Active Directory