Control social media access with tough-to-crack password

Companies that use social media need to have a clear policy in place for such tools, says an attorney.

A social media policy should “clearly define who can speak on behalf of the company using social media,” said Michael R. Overly, a partner with law firm Foley & Lardner L.L.P. in Los Angeles.

It also must establish “the type of information that can be communicated via social media,” he said.

JoAnna L. Brooks, a partner with Jackson Lewis L.L.P. in San Francisco, said firms should make sure their workers know not to violate internal policies with respect to discrimination, harassment and the communication of confidential information, including trade secrets, nor to engage in “any sort of unfair competition.”

In addition, passwords for corporate social media accounts should follow recommended guidelines for complexity, including having at least seven characters—a combination of alphabetic, numeric and special characters—and should be changed frequently, typically every 90 days, Mr. Overly said.

“Many companies use a password like "admin' and never change,” he said.