TheConversation

Blog archive

Enhancing social-media security

computer and network

To our recent article on the government's response to social media security, a reader wrote: Agencies should use social media platforms that have proven security. For instance, at a bare minimum, use two-step verification beyond username and password to better protect account access.

Frank Konkel responds: Federal agencies currently use more than 60 different social media platforms in their dialog with the public, and usually those platforms are used following "fed-friendly" terms of service agreements in place. The General Services Administration usually facilitates those agreements, and while they are beneficial in reducing duplication and the time agencies would otherwise spend negotiating these deals, social media security isn't something that can be negotiated in them.

This is why GSA's recent guidelines telling agencies to shore up their social media accounts were important. Twitter, for instance, is internally exploring two-step verification (also called multifactor or two-factor authentication) beyond a user name and password. Various reports suggest Twitter's multifactor verification would require a user to use a password, plus have access to a device – likely a smart phone – through which a randomly generated code is sent that must also be keyed in.

It sounds promising, but Twitter has not rolled out anything publicly yet. That means for the time being, some of the government's largest social media accounts – many have millions of followers or "likes" on Facebook – are secured by the same methodology as the teen down the street.

Because of the high-profile social media hacks over the past few months, including the hack of Associated Press' Twitter account that briefly caused the Dow to dip, it is likely that federal agencies will be among the first customers to climb aboard the multifactor authentication train. Until then, though, common sense guidelines are agency's best bets at making sure someone doesn't take control of their social media accounts.

Posted on May 07, 2013 at 12:10 PM


The Fed 100

Read the profiles of all this year's winners.

Featured

  • Shutterstock image (by wk1003mike): cloud system fracture.

    Does the IRS have a cloud strategy?

    Congress and watchdog agencies have dinged the IRS for lacking an enterprise cloud strategy seven years after it became the official policy of the U.S. government.

  • Shutterstock image: illuminated connections between devices.

    Who won what in EIS

    The General Services Administration posted detailed data on how the $50 billion Enterprise Infrastructure Solutions contract might be divvied up.

  • Wikimedia Image: U.S. Cyber Command logo.

    Trump elevates CyberCom to combatant command status

    The White House announced a long-planned move to elevate Cyber Command to the status of a full combatant command.

  • Photo credit: John Roman Images / Shutterstock.com

    Verizon plans FirstNet rival

    Verizon says it will carve a dedicated network out of its extensive national 4G LTE network for first responders, in competition with FirstNet.

  • AI concept art

    Can AI tools replace feds?

    The Heritage Foundation is recommending that hundreds of thousands of federal jobs be replaced by automation as part of a larger government reorganization strategy.

  • DOD Common Access Cards

    DOD pushes toward CAC replacement

    Defense officials hope the Common Access Card's days are numbered as they continue to test new identity management solutions.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group