Social Media Security Steps for Financial Advisors

Social media has become a key tool for advisors to establish better communication with their existing clients while serving as an effective platform for attracting new business.

Although embracing social media is a worthwhile goal, it’s important to ensure your social media presence is secure and compliant. To help you do that, we’ve assembled a quick list of security tips that every financial professional should keep in mind when managing their social media presence.

Adhere to FINRA’s Social Media Regulations You should always refer to your employer’s compliance policy for social media first and foremost, but it’s also a good idea to have a working knowledge of FINRA’s regulations on social media and digital communications, which were just published for 2017-2018. Here are some of the takeaways from the regulatory notice:

  • Your firm must keep a record of any communications that were sent via direct messaging apps—as well as any communications sent via text message.
  • If your firm shares or links to content posted by an independent third-party, such as an industry publication, your firm then has adopted the content—meaning that you’re responsible for ensuring that the content complies with the same standards as communications created by—or on behalf of —your firm.
  • If your firm asks an individual or influencer to comment or post on your social media accounts, then you should clearly identify the comment or post as an advertisement.
  • If you like or share favorable comments posted on your business-use social media site, the comments are then subject to broader regulations for public communication, including the prohibition on misleading statements, testimonials, supervision and record-keeping rules.

Strengthen and Secure Your Password While you may think the passwords for your social media accounts are secure, odds are that they aren’t. In fact, a recent survey by University of Phoenix found that nearly two in three adults in the U.S. who have personal social media profiles say that their accounts have been hacked.

While it’s impossible to come up with a password that’s 100% hack-proof, here are a couple ways to make sure your log-in information is more secure:

  • Try not to use any words from the dictionary or any sequential numbers. Even though they’re more difficult to memorize, passwords that use random combinations of numbers and letters (ex: “7w31Hx88″) as opposed to set patterns (ex: “ABC123″ or “password567″) are far harder to crack.
  • Change your password often. Although it sounds inconvenient, the likelihood of your password being stolen greatly decreases the more frequently you update it. Try setting calendar reminders every 30 days to reset your password.

Create and Maintain a Practice-Wide Social Media Policy While only a couple people in your practice may use social media to promote brand advocacy through their own individual accounts, everyone in the office should know that they represent the practice at all times—even when they’re not in the office. A simple rundown of things that are unacceptable to post on social media (profanity, confrontational messages, offensive content) is a good place to start. Also, if multiple people manage your firm’s social media presence, make sure you’re all on the same page as far as the tone and frequency of your posts.

Enable Two-Factor Authentication In the wake of large numbers of social media users having their accounts hacked, major social networks made two-factor authentication available to limit fraud risks and make it more difficult for cyber-attackers to gain access to users’ accounts. By taking advantage of this security feature, you’re adding an additional layer of protection to prevent a potential breach of your firm’s social media accounts.

Here’s how to enable two-factor authentication on Facebook, Twitter and LinkedIn:

Facebook:

  1. Select the small drop-down arrow in the upper right-hand corner of your Facebook homepage, then select “Settings.” From there, click on “Security” in the left-hand menu and then click the edit button next to “Login Approvals.”
  2. Check the box “Require a login code to access my account from unknown browsers” to start the security setup process.
  3. You will then be prompted to provide information so that Facebook can reach out and verify that it’s you trying to access the Facebook account.

Twitter:

  1. From your firm’s profile page, select the icon drop-down and click “Settings and Privacy.”
  2. Then, click the box next to “Verify login requests.”
  3. Follow the steps to enable a verification code to be sent to your device when logging in.

LinkedIn

  1. Click your profile picture to open up a drop-down menu, and then select “Settings & Privacy.”
  2. On the “Privacy” tab, click “Security” and then “Change” next to “Two-step verification.”
  3. Click “Turn on” to change the status of two-step verification where you’ll then be prompted to enter your password and a mobile phone number.

While it may seem like there are a lot of policies, rules, and regulations to keep in mind when using social media, this medium is certainly worth your while. In fact, in a recent study, 46 percent of financial advisors say they’ve acquired new business via social media—with 23% of those advisors reporting wins of more than $1M.

If you’re interested in other ways to leverage social media for increased visibility and firm growth, check out our “Advisor’s Guide to Social Media” eBook.