Lessons learned in protecting social media accounts

  • Published
  • By Brig. Gen. Kathleen Cook
  • Director of Public Affairs, Office of the Secretary of the Air Force
On a Saturday afternoon in late November, I was informed about a political remark that appeared on my Director of Public Affairs Twitter feed. A staff member called to ask if I was aware of the re-tweet. At the time, I was on leave, out of the state, tending to my daughter who had had surgery the day before. I was unaware of the retweet and when told of its substance, I arranged for a member of my staff to remove the tweet from the feed.

As far as how a tweet was unknowingly re-tweeted from my organizational account, we do not have a definitive answer. I realize this response may be unfulfilling to some, but it’s the truth. That said, as the owner of the account, I accept responsibility for its content.

What is clear is we’ve learned several lessons about protecting the security of social media accounts. Granted the lessons aren’t new, but it’s my hope that by highlighting them just one more time, others might avoid similar incidents.

- If you assume an organizational/positional account from a predecessor, change the password. Also, find out who else has/had access and determine if additional administrators are necessary.

- Make sure your password is difficult and not predictable.

- If others post on your behalf, consider having them include their initials behind their input.

- Never store passwords on a shared drive.

- Always log out and lock your device before walking away, putting it down, or tossing it in your pocket or purse.

In the end, what I know to be true is that the account belongs to me and I accept responsibility for it. I’ve applied the lessons above to safeguard both my personal and professional accounts and encourage every Airman reading this to do the same.