You may have missed it, but Walmart’s social media team got itself in a bit of hot water last week when someone inadvertently tweeted a personal opinion from the corporate Walmart handle. It was a response to Rep. Josh Hawley from Missouri around his stance on voting against the Electoral College.
Thanks @Walmart for your insulting condescension. Now that you’ve insulted 75 million Americans, will you at least apologize for using slave labor? pic.twitter.com/oYJP4Cv2qE
— Josh Hawley (@HawleyMO) December 30, 2020
This certainly isn’t the first time we’ve seen this happen. And, it won’t be the last. Because many companies simply don’t have good social media governance guidelines in place. In fact, I’m surprised we don’t see a lot more of this!
Companies (especially big, publicly-traded orgs) should be a LOT more careful when it comes to their social media governance. Here’s just a few ideas that can help mitigate a whole lot of unnecessary risk:
Limit the number of people with access to your usernames and passwords.
In general, I feel like a lot of companies are far too loose with this. They give access to far too many people internally–people who certainly don’t need the keys to Twitter, Facebook and Instagram. They give username/pass info to agencies in many instances–and then never change the passwords! If it were my team, the number of people who had direct access would be very, very small.
Change passwords quarterly
This might be a little aggressive, but you’re trying to mitigate needless risk, right? At the very least, I’d change them bi-annually. Again, too many people have access. If you change the passwords often, that limits that access. And, by the way, too many people have access that no longer work for you–we’ll get to that one in a minute.
Only use social media tools for publishing and responding
This is probably a big reason we see some of these gaffes. If you’re using a tool like Spredfast or Sprinklr, it’s tough to publish from your personal accounts once you’re logged in under the corporate accounts. On the other hand, if you’re using the Twitter interface, I could easily see how someone would think they’re posting from their personal handle only to find out they tweeted from the freaking Walmart handle! It can happen–very easily. Stick with the publishing tools and most of that risk is mitigated.
Clean up your admins and editors twice a year–at minimum
Another common occurrence–you’re an agency vendor and you start work with a new client to help them with social media. You work on the account for a couple of years, helping them publish on Facebook, Twitter and Insta. Then, you decide to take a new job. You leave the agency. But, you still have the client’s access to their social channels! You’re still an editor on their Facebook page! You still have the credentials to their Insta page in your phone. HUGE RISK! By taking a half hour to simply review who has access to your social media accounts twice a year, you can squash this risk very easily. This is a no-brainer that, in my view, very few orgs probably do.