TheConversation

Blog archive

Enhancing social-media security

computer and network

To our recent article on the government's response to social media security, a reader wrote: Agencies should use social media platforms that have proven security. For instance, at a bare minimum, use two-step verification beyond username and password to better protect account access.

Frank Konkel responds: Federal agencies currently use more than 60 different social media platforms in their dialog with the public, and usually those platforms are used following "fed-friendly" terms of service agreements in place. The General Services Administration usually facilitates those agreements, and while they are beneficial in reducing duplication and the time agencies would otherwise spend negotiating these deals, social media security isn't something that can be negotiated in them.

This is why GSA's recent guidelines telling agencies to shore up their social media accounts were important. Twitter, for instance, is internally exploring two-step verification (also called multifactor or two-factor authentication) beyond a user name and password. Various reports suggest Twitter's multifactor verification would require a user to use a password, plus have access to a device – likely a smart phone – through which a randomly generated code is sent that must also be keyed in.

It sounds promising, but Twitter has not rolled out anything publicly yet. That means for the time being, some of the government's largest social media accounts – many have millions of followers or "likes" on Facebook – are secured by the same methodology as the teen down the street.

Because of the high-profile social media hacks over the past few months, including the hack of Associated Press' Twitter account that briefly caused the Dow to dip, it is likely that federal agencies will be among the first customers to climb aboard the multifactor authentication train. Until then, though, common sense guidelines are agency's best bets at making sure someone doesn't take control of their social media accounts.

Posted on May 07, 2013 at 12:10 PM


Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.