The Semacraft Blog

I am yet to bump into a business that sets up shop but goes out of its way to ensure the reception area is unmanned 24/7.  I’m not quite sure how many are like me, but if I walk in and find no one to serve me, I’ll probably go and not come back. Of course ATM lobbies don’t count.  For consumer-facing businesses, spending time and money planning and putting together a great reception is a no-brainer because we have no problem seeing the relationship between the brick and mortar storefront and our ability to compete and grow.  So why do so many businesses ignore the online storefront they put so much money into designing, building and marketing?

Read the rest of this entry »

Starting a new project can be daunting. The scale of the project is not always what is most daunting but the scale of management’s expectations, or even your own. Social networks have become the foreign lands every brand feels the need to setup an embassy. But how much investment is needed? How do we measure this new thing? Does it have an ROI? What if it fails? These questions, and more, keep many brand profiles on social networks at the experimentation stage for long periods of time. So the young chap who spends inordinately long hours of Facebook gets the job of setting up and managing the profiles and is then left to his devices.

Read the rest of this entry »

I heard this statement recently. “The first level of care is showing interest“. Ergo the first step for a business providing online customer care is to show interest in its customers. The very first way a brand can show interest in its customers is by showing interest in the ideas it’s customers are talking about. What does this look like? Responding to comments on your blog, responding to tweets, providing input on industry discussion lists, reaching out to grieved clients via email…get the picture? But that’s only the beginning.

Read the rest of this entry »

As a follow-up to our post on what to do when your profiles are hijacked, we were working on a post about surviving social media disasters.

And then we saw this article on Mashable. Go ahead, click here to read it. We couldn’t have said it better 🙂

Brands have been establishing outposts on social sites such as Facebook, Twitter and LinkedIn now for a number of years. The last two years have reached fever pitch. Here are some basic realities of these profiles as we have found in our very unscientific survey.

• Many brands that have started experimenting on these sites update their content by logging in directly.
• There are organizations that use third-party services such as Co-Tweet and Hootsuite to update their content.
• Some organizations have been outsourcing the management of their outposts to agencies.
• Many profiles managed by agencies and/or brands with social media teams are updated by more than one person.

Here’s my take. The weakest link in the chain is the username and password. The efforts that have been made by criminal cyberspace gangs over the past decade to harvest identity data should worry administrators some. The Mariposa bot was a big wake-up call for us.

What does this mean for brands with a presence on the social web? Simple. Your website used to be a primary target for hackers. Now it’s going to be your social web profiles. Here’s a scenario.

• Brand A is a gourmet restaurant franchise.
• Brand A’s employee 227 manages the Twitter and Facebook profiles. He loses his laptop computer to a thief and the said computer ends up in the hands of Gang Y who find information valuable. Information such as usernames and passwords.
• Gang Y log in and sends messages to followers/fans inviting them to download x-rated videos at a special discount rate because they are fans of Brand A.
• Brand A discovers the breach when followers/fans begin to complain. As far as they are concerned, the messages came from a valid account they have a history with. They probably won’t believe it when Brand A claims to have lost control of their profiles for a period.

That, I think, is a veritable disaster. Does your business have a disaster plan for this sort of thing? Do you have policies or a strategy designed to ensure login credentials are secure or determine what to do when they are compromised?

Here a five things that can help you get a handle on things.

1. Have a strategy that ensures passwords across the organization are strong and that explicitly directs what is to be done in the event of a breach.
2. Lock things down. When you discover you’ve been hacked, revoke all access to the profiles other than direct login via the social site’s login page. Change all passwords immediately.
3. Report the attack. It’s important to show some proactivity to reassure the both the fans/followers as well as the site that you are back in control.
4. Tell the story loudly. Let your fans know you were hacked, which messages were not from you and that you’re back in control.
5. Plug the leaks. Sometimes weak passwords are not the problem. It could very well be poor enforcement of security such as leaving logged in laptops unattended in public spaces.

Help me grow and improve this list. What’s your take?