Most savvy bank and credit union executives are familiar with the term “SSL” and understand that SSL is an important tool for protecting sensitive data on their online banking systems; however, in my experience, only a small minority of these managers realize that SSL is also important when using their social media accounts. With the growing popularity of Twitter and Facebook as a customer facing communication channel between banks and their customers, it’s critical that these financial institutions protect their social media account identities just as carefully as they protect access to other sensitive systems. Here’s how you can force Twitter and Facebook to use SSL when you’re accessing sensitive account data.
Twitter has supported SSL for some time, but it’s not a default connection method. To make sure you’re operating in default mode, you normally would have to manually type in HTTPS:// (note the “S”) in front of the URL when visiting the Twitter website, like this https://www.twitter.com This ensures that your connection is protected by SSL encryption, but you have to remember to manually type in the full URL every time you visit Twitter. But Twitter offers an easier method that can eliminate the need for you to have to remember to do this every time.
When you logon to your account at Twitter.com:
- Click on the Profile link
- Click the Edit your profile link beneath your profile photo
- Scroll all the way to the bottom of the profile page and you’ll see a checkbox labeled HTTPS Only – Always Use HTTPS
- Check this box and then click the Save button
It’s important to note that this setting does not necessarily apply to Twitter access methods other than the Twitter.com website. Twitter clients that run on desktop computers, tablets and mobile devices each have their own respective security options that you should understand and, whenever possible, configure in the most secure manner possible.
Facebook offers a security option similar to Twitter that will automatically force areas of the Facebook website into an SSL protected connection. To enable SSL protection, you will need to:
- Logon to your Facebook account and then
- Click the Account link in the upper right hand corner and then select Account Settings
- In the Account Settings area, make sure the Settings tab is selected
- Expand the Account Security section
- I recommend checking both the Secure Browsing (https) box and the box to instruct Facebook to alert you each time someone signs into your account from an new computer or mobile device
Treat Your Social Media Accounts Like your Online Banking Account
Protecting your social media identities is just as important as protecting access to any other critical system within your bank or credit union. Make sure to get in the habit of looking for the SSL lock in your browser when using these sites and also make sure you fully understand the security options available to you in any mobile or desktop clients that you use to manage your social media accounts. This is especially critical for banks and credit unions who are using Twitter or Facebook for as a customer service tool where customers may be inclined to share sensitive information through a private or direct message.