Pro audit program · v1.0

Corporate Social Account Security

The Twitter, LinkedIn, Instagram and TikTok accounts your brand depends on get over-shared, under-protected and almost never audited. Quick check.

  • General target area
  • CIS Controls framework
  • 7 controls in this program
  • Cyentrix · Trusted Author

Risks addressed

  • High: Shared password across the marketing team leaks
  • High: Departed agency or contractor retains access
  • Critical: Account takeover damages brand or distributes malware

Controls (7)

  1. Inventory of every corporate social account + owner

    High

    How to test + evidence

    Testing procedure: List every official handle, platform, owner and approval workflow.

    Evidence to collect: Social account register.

  2. MFA on every social account (hardware key for Tier-1)

    Critical

    How to test + evidence

    Testing procedure: Verify that 2FA / a passkey is enabled on every account (X / Meta / LinkedIn / TikTok / YouTube).

    Evidence to collect: MFA status screenshots.

  3. No shared / personal email used for account recovery

    High

    How to test + evidence

    Testing procedure: Confirm the recovery email points to a managed corporate mailbox, not an individual's.

    Evidence to collect: Account recovery settings.

  4. Posting via central tool (Hootsuite / Sprout / etc.)

    Medium

    How to test + evidence

    Testing procedure: Posters do not have direct platform logins; the tool brokers access via OAuth.

    Evidence to collect: Tool config + access list.

  5. Access reviewed quarterly + removed at offboarding

    High

    How to test + evidence

    Testing procedure: Quarterly recert is performed, and the offboarding checklist explicitly revokes social access.

    Evidence to collect: Recert report + JML checklist.

  6. Documented response plan for account takeover

    High

    How to test + evidence

    Testing procedure: Playbook covering who calls the platform, who notifies legal, and how to communicate to followers.

    Evidence to collect: Playbook + most recent test.

  7. Login activity alerts on each account

    Medium

    How to test + evidence

    Testing procedure: Platform-level alerts for new logins / device changes piped to a monitored inbox.

    Evidence to collect: Alert config + sample.
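Most of the testing procedures above reduce to checks over the account register from control 1. As an added example, not part of this audit program, the Python below runs those checks (owner still employed, MFA level, recovery-email domain, direct logins, recert age, login alerts) over a constructed register and HR roster; the field names, mail domain, dates and sample rows are assumptions.

```python
from datetime import date

CORPORATE_DOMAIN = "example.com"   # assumed managed mail domain for recovery addresses
RECERT_MAX_DAYS = 92               # about one quarter, per control 5
AUDIT_DATE = date(2024, 6, 1)      # constructed audit date

REGISTER = [  # constructed sample register (control 1): one row per official handle
    {"platform": "X", "handle": "@acme", "owner": "m.lee", "tier": 1,
     "mfa": "hardware_key", "recovery_email": "social-recovery@example.com",
     "direct_logins": [], "login_alerts": True, "last_recert": date(2024, 4, 2)},
    {"platform": "LinkedIn", "handle": "acme-inc", "owner": "agency-contractor",
     "tier": 1, "mfa": "sms", "recovery_email": "jane.doe@gmail.com",
     "direct_logins": ["jane.doe"], "login_alerts": False,
     "last_recert": date(2023, 11, 15)},
]
ACTIVE_STAFF = {"m.lee"}           # constructed HR roster of current employees


def audit_account(acct, active_staff, today):
    """Return (control_number, finding) tuples for one register row."""
    findings = []
    if acct["owner"] not in active_staff:                       # controls 1 + 5
        findings.append((5, "owner is not an active employee; revoke or reassign"))
    if acct["mfa"] in (None, "none"):                           # control 2
        findings.append((2, "no MFA enabled"))
    elif acct["tier"] == 1 and acct["mfa"] != "hardware_key":
        findings.append((2, "Tier-1 account without hardware-key MFA"))
    domain = acct["recovery_email"].rsplit("@", 1)[-1].lower()  # control 3
    if domain != CORPORATE_DOMAIN:
        findings.append((3, f"recovery email on non-corporate domain {domain}"))
    if acct["direct_logins"]:                                   # control 4
        findings.append((4, "direct platform logins bypass the central tool"))
    if (today - acct["last_recert"]).days > RECERT_MAX_DAYS:    # control 5
        findings.append((5, "last access review older than one quarter"))
    if not acct["login_alerts"]:                                # control 7
        findings.append((7, "login activity alerts not configured"))
    return findings


def audit_register(register, active_staff, today):
    """Map 'platform/handle' -> findings, listing only accounts with gaps."""
    report = {}
    for acct in register:
        findings = audit_account(acct, active_staff, today)
        if findings:
            report[f"{acct['platform']}/{acct['handle']}"] = findings
    return report


if __name__ == "__main__":
    for key, items in audit_register(REGISTER, ACTIVE_STAFF, AUDIT_DATE).items():
        print(key, *[f"  control {c}: {m}" for c, m in items], sep="\n")
```

The report only lists accounts with gaps, so an empty result is the evidence that the register passes; the per-control numbers map findings back to the items above.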