TheConversation

Blog archive

Enhancing social-media security

computer and network

To our recent article on the government's response to social media security, a reader wrote: Agencies should use social media platforms that have proven security. For instance, at a bare minimum, use two-step verification beyond username and password to better protect account access.

Frank Konkel responds: Federal agencies currently use more than 60 different social media platforms in their dialog with the public, and usually those platforms are used following "fed-friendly" terms of service agreements in place. The General Services Administration usually facilitates those agreements, and while they are beneficial in reducing duplication and the time agencies would otherwise spend negotiating these deals, social media security isn't something that can be negotiated in them.

This is why GSA's recent guidelines telling agencies to shore up their social media accounts were important. Twitter, for instance, is internally exploring two-step verification (also called multifactor or two-factor authentication) beyond a user name and password. Various reports suggest Twitter's multifactor verification would require a user to use a password, plus have access to a device – likely a smart phone – through which a randomly generated code is sent that must also be keyed in.

It sounds promising, but Twitter has not rolled out anything publicly yet. That means for the time being, some of the government's largest social media accounts – many have millions of followers or "likes" on Facebook – are secured by the same methodology as the teen down the street.

Because of the high-profile social media hacks over the past few months, including the hack of Associated Press' Twitter account that briefly caused the Dow to dip, it is likely that federal agencies will be among the first customers to climb aboard the multifactor authentication train. Until then, though, common sense guidelines are agency's best bets at making sure someone doesn't take control of their social media accounts.

Posted on May 07, 2013 at 12:10 PM


Featured

  • FCW Perspectives
    human machine interface

    Your agency isn’t ready for AI

    To truly take advantage, government must retool both its data and its infrastructure.

  • Cybersecurity
    secure network (bluebay/Shutterstock.com)

    Federal CISO floats potential for new supply chain regs

    The federal government's top IT security chief and canvassed industry for feedback on how to shape new rules of the road for federal acquisition and procurement.

  • People
    DHS Secretary Kirstjen Nielsen, shown here at her Nov. 8, 2017, confirmation hearing. DHS Photo by Jetta Disco

    DHS chief Nielsen resigns

    Kirstjen Nielsen, the first Homeland Security secretary with a background in cybersecurity, is being replaced on an acting basis by the Customs and Border Protection chief. Her last day is April 10.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.