Pagoda Blog

How to Secure Your Social Media Accounts

July 19, 2018

Updated Dec 15, 2023


Social media is a necessary marketing tool for any business, but as with any online platform, it comes with risks. After the Cambridge Analytica scandal, many individuals and businesses opted out of Facebook to protect their data. In May 2018, Twitter (now X) accidentally revealed its users’ passwords in plain text, further chipping away at the trust between users and social media platforms. This crumbling of trust led the EU to establish the GDPR (General Data Protection Regulation), which has affected the way nearly every solo entrepreneur and company conducts business online.



There are more recent social media data breaches as well. In July of 2023, 17 million records were leaked from a TikTok database, including usernames, email addresses, phone numbers, locations, and names. 


So how does all this affect the way you use and interact with social media? Should you close all your accounts and turn back the clock on your marketing efforts, investing primarily in print mailers and newspaper or radio ads? As we said before, social media is a necessary marketing tool and can’t be avoided if you want to reach your audience. People still spend much of their time on platforms like TikTok, Instagram, YouTube, and Facebook, so it would be unwise to ignore the huge marketing potential they offer.


Instead of opting out entirely, here are several ways to secure your social media accounts so that you can stay connected and safely leverage the power of social media marketing for your business.



12 steps to secure your social media accounts

1. Close unused accounts

Social media accounts are always connected to an email address so it’s important to regularly monitor them for suspicious activity. Old, unused accounts are easy targets for hackers. This is because the account owner often won’t notice until it’s too late that someone has gained access to their account and the email associated with it. Try your best to delete accounts you no longer use and monitor the activity on those you do.


2. Monitor your accounts regularly

Assign someone on your team to monitor each of your company’s social media accounts on a daily basis. Especially if your accounts have a lot of followers, a cyber criminal might target your account, gain access, and use it to promote their own campaign. If you receive an email notifying you of a login attempt from an unrecognized device, it’s important to follow up. Always confirm that the login is from a trusted source. If it’s not, notify the social media platform and change your password for both that account and the connected email account.


3. Don’t use Facebook or Google to sign into other apps

Reusing the same login for multiple accounts can expose your information to nefarious third parties and give advertisers permission to use your data for research and targeting. Take the extra time to create a unique login for all your apps rather than automatically signing in with Facebook. (Remember, security should always take precedence over convenience!)


4. Use unique passwords  

It’s tempting to use the same password for all your social media accounts, but once a hacker uncovers it, all your accounts are compromised. Check out our article on password best practices to ensure your passwords are hard to crack. Worried about trying to remember all these different passwords and making sure your team can remember them too? Use a password manager to store and share them with all necessary admins. You may also want to consider going passwordless.


5. Enable two-factor authentication

This should be your default setting for all accounts. Two-factor or multi-factor authentication requires an extra step before you can log in to an account, such as entering a code sent via text or email. This means that even if someone cracks your password, there’s still one more layer of security between them and your account.


6. Clean up your admin

Do you still have Bob, the ex-employee from 5 years ago, as an admin on your Facebook account? Remove him and any other admins that aren’t assigned to post to social media on behalf of your business. And while you’re at it, make sure that everyone who is an active admin is aware of cyber security best practices for social.


7. Delete/remove apps you don’t use

You probably have apps connected to your Facebook or Google account that you don’t even realize are connected. Make sure none of these apps are collecting data you prefer they didn’t, and double-check that all the apps use HTTPS for their website.


See how to view all Facebook-connected apps in our blog post, Your Data and Facebook: Protecting Your Business in the Social Media Age


8. Track your connected apps

After you disconnect apps that don’t require an auto-login through Facebook, create a list of apps that require a connection to your social media accounts. These might include auto-scheduling tools like Buffer or Hootsuite or your email software. Read through their privacy policy and keep tabs on any updates to make sure your data is always secure.


9. Create an email address exclusively for social media accounts

Set up a unique email for social media accounts so that even if you are hacked, your personal information is safe in your primary email account.


10. Make your personal accounts private

Require people to send a friend request before they can gain access to all your photos and information to prevent hackers from finding out your email, birthday, friend list, and other compromising information.


11. Don’t use the auto-login feature

Besides making it harder for someone who steals your laptop or phone to gain access to your accounts, this has the added benefit of reducing the time you spend scrolling through your feed. If you can’t just click over to Facebook or Instagram, you might just get that big project done on time!


12. Keep up with updates

Last but not least, always update to the latest software version for both your operating system and your apps to ensure you receive the latest security patches.


Vigilance and diligence are key


Social media is a valuable marketing tool for your business, but it’s important to actively monitor each account and follow the above steps to prevent the wrong people from gaining access. When conducting either personal or company business online, vigilance and diligence can go a long way toward protecting your data.







About Pagoda Technologies IT services

Based in Santa Cruz, California, Pagoda Technologies provides trusted IT support to businesses and IT departments throughout Silicon Valley, the San Francisco Bay Area and across the globe. To learn how Pagoda Technologies can help your business, email us at to schedule a complimentary IT consultation.



As your trusted IT service partner, Pagoda Technologies is here to help you achieve your near and long-term business goals through reliable and affordable IT support. 

Pagoda Technologies

101 Cooper Street

Santa Cruz, CA 95060

