If your organisation uses platforms like Twitter, Facebook, LinkedIn, or Instagram, it's important to take steps to prevent harmful or inappropriate content from being posted whether by mistake or maliciously. Even if you already have a process in place, it's worth reviewing how social media is being managed.
This guidance from the NCSC is aimed at:
- Staff who set up social media accounts
- Staff who create, review, approve, or publish content
- Staff involved in buying social media tools
Why Social Media Can Be Risky
Social media is fast-moving and public. Mistakes or misuse like posting personal opinions instead of official messages, or sharing inaccurate or offensive content can damage your organisation’s reputation.
Common risks include:
- Misinformation or fake news
- Accounts being hijacked and used maliciously
- Disgruntled staff posting harmful content
- Incomplete or rushed messages going live
Key Precautions to Reduce Risk
To protect your organisation:
- Limit publishing rights to authorised staff only
- Ensure content is accurate and approved before posting
- Keep content up-to-date
- Have a recovery plan in case something goes wrong
Even with safeguards, mistakes can happen so it's vital that everyone involved understands the risks and knows what to do if something goes wrong.
Recommended Actions from NCSC
- Restrict publishing access to authorised users
- Manage access when staff leave or change roles
- Use secure platforms and tools
- Review and approve content before publishing
- Use corporate devices for posting
- Have an emergency recovery plan in place
For more details, visit the NCSC website:
Social media: protecting what you publish