t’s no secret that the pandemic has changed the status quo to allow more people to work from home. If businesses benefit from the change, this could generate a ‘new normal’ that extends into the long term.
Regardless of whether we all make it back into the office eventually or not, there has been an outcry from business owners for advice regarding ad accounts. With many employees and teams working from home, how do you keep tabs on your ad account and keep it safe from the wrong hands?
There are a great deal of benefits that come with employees working remotely. For example, many employees are more productive when given flexible hours. If they’re more productive in the mornings, they can get up at 6am and finish before 5pm. Communication between coworkers is trending towards improvement as well. When employees work from home, they have their email open more often and are easier to reach.
There are several risks that come with employees teleworking. Hackers are drawing people in for phishing attacks, which is the last thing you want when employees are logging into a Facebook Ad account. The wrong click on an attachment or link can send a system straight into a malware fiasco.
Secondly, a lack of IT staff can expose company networks to a variety of cyberattacks. The shift towards setting up remote access for all employees detracts from security, especially for small businesses.
With the combination of remote access and an increased risk of cyberattacks, some businesses don’t have the resources to handle this new way of working. Because of the current situation, the Cybersecurity and Infrastructure Security Agency has released new guidelines. The agency is encouraging businesses to focus on cybersecurity.
We’ll go through some advice and then answer common questions in this area.
Below is the advice from the agency’s guidelines broken down.
Firstly, businesses should patch VPNs, update security systems and do all they can to keep the network infrastructure secure. If possible, dedicate resources to cyber attack monitoring and detection. This includes monitoring logs that could show suspicious activity coming from external connections.
Next, employees should be aware of potentially damaging emails themed around COVID-19. Hackers are becoming more aggressive with phishing attempts because they know people are working from home. With the right training, businesses can keep Facebook Ad accounts safe.
Wherever possible, implement two-factor authentication on accounts. If this isn’t possible, ensure employees remember to create and update strong passwords. Remind employees of company policy as it relates to personal devices and remote access. If you don’t have one, we highly recommend implementing one soon.
Example guidelines in the policy might include:
Despite our best efforts, attacks may still happen, and this is where a business needs a proper incident response plan. What happens when the worst case scenario actually takes place? Who takes charge of the situation? During this time, contact information should be kept up to date, employees should understand WFH protocols and there should be a secure line of communication ready.
From the outside it seems like a simple system, but it’s really a complex web of collaboration, productivity and security. We’re focusing on the last today and how we can monitor and manage Facebook Ad account issues. How can we successfully manage account issues when workers are at home? We’ve answered some common security questions below.
For small businesses, limitations with internal IT are almost a given. Therefore, it’s normal to worry about employees using external file-sharing services to bypass the slow or limited system. For this, we recommend the Cloud App Security Broker. Essentially, this will show all cloud applications in use within the business. Simultaneously, it will deal with cyberthreats while allowing you to keep control of how you move data.
Facebook limits access to ads by giving you the power to manage certain permissions. We recommend reviewing the permissions you have active with Facebook Ad accounts. If you haven’t checked this in some time, you may be in for a surprise. For example, people who don’t even work at the company anymore could still have access. With workers at home, make sure the only people who have permission to access the ad account are those who need it. Furthermore, ensure these people all understand the security measures surrounding this account.
In the office, you may have several apps that help employees to do their work. What if these apps aren’t accessible from home? There are many lightweight agents that can help with this problem; we recommend the Azure AD Application Proxy. Instead of opening access to the whole network, this agent will allow a connection to on-premises apps. You can secure data and keep users protected by pairing this solution with access policies and Azure AD authentication.
Remind employees of their duties to keep data protected, keep the Facebook Ad account secure and only access the Ad account from a secure network. Your security policies now need to extend to personal devices.
When you explain the situation honestly to employees and get them involved in the process, they will understand that you’re not just introducing extra measures to make their job more difficult. Instead, they’ll appreciate that you’re trying to protect the Ad account and keep customer information safe.
When using Office 365, you can introduce a new security layer—this includes Azure Information Protection. Request that all employees implement Microsoft Defender Advanced Threat Protection (ATP). This way, you’re alerted to small issues before they have a chance to develop into potential breaches.
You may have noticed that more employees are attempting to log into Facebook Ad accounts and other applications via mobile. One of the best solutions to manage access is through an enterprise mobile device management platform such as Microsoft Intune. By using a platform like this, you keep all personal and corporate data segregated.
With Facebook, in particular, it’s important to be proactive with your security rather than reactive. For example, head to Settings> Security and Login> Where You’re Logged In. Here, you’ll see every device that has accessed your account recently and the location the request came from. By asking employees to only access the Ad account with specific devices in certain locations, you will be able to spot unusual activity more easily.
Other signs of a breach with a Facebook Ad account include a change in personal details, strange sent friend requests, messages that you didn’t send and campaigns that you didn’t create. We recommend going into the Setting Up Extra Security tab within the Security and Login section in Settings. Here, you can receive notifications when somebody logs in, enable two-factor authentication and set up other security measures.
With a proactive approach, you can monitor and manage Facebook Ad account issues safely and securely!