Social Media Account Security and Policies
Social Media Account Security
In an effort to further protect Vanderbilt’s digital identity and online reputation, and to strengthen the security related to Vanderbilt social media accounts, it is recommended that social media account managers update the passwords for all of your area accounts at least once a semester.
The password to the social media profiles that you manage for Vanderbilt is the only protection available for these accounts -- accounts that allow immediate communication with prospective and current students, faculty, alumni, parents, and community members. Protecting the security of these accounts is a very important part of ensuring they are not overtaken for malicious purposes.
To increase security, we recommend changing social media passwords at the beginning of each semester.
- At least two people per department should have access to that department's social media accounts; at least one of these people should be a full-time faculty or staff member. Students should not be the only people with access to official university school or departmental accounts.
- If someone who has access to the account leaves Vanderbilt, passwords should be changed immediately.
- When one of the admins of an account leaves Vanderbilt, be sure that the account is transferred to someone else before their departure, and then change all passwords.
- All passwords should be reasonably complex and difficult for unauthorized people to guess.
- Choose passwords that are at least eight characters long and contain a combination of upper- and lower-case letters, numbers, and punctuation marks and other special characters such as !@#$%^&,*).
- Do not include words related to your department or school.
- A password should be unique, with meaning only to the employee who chooses it. That means dictionary words, common phrases and even names should be avoided. One recommended method to choosing a strong password that is still easy to remember: Pick a phrase, take its initials and replace some of those letters with numbers and other characters and mix up the capitalization. For example, the phrase “This may be one way to remember” can become “TmB0WTr!”.
- Do not re-use passwords you have used previously.
- Passwords should not be shared via email. When possible, share the password verbally with shared account managers. If this is not possible, you can share the file securely using VUIT’s secure file transfer website.
The email address associated with the account should be a Vanderbilt email account.
Platform-Specific Additional Security Options
- Twitter login verification
- Facebook login approvals
- Snapchat login verification
- LinkedIn two-step authentication
Important University Policies
Social media usage at Vanderbilt is governed by the same policies that govern all other electronic communications. Read the policies below before engaging in any social media campaign as part of your official duties at Vanderbilt and if you use social media for personal purposes.
Advertising on behalf of external vendors is prohibited on Vanderbilt websites and social media presences (with the exception of Vanderbilt Athletics, through their media rights provider ISP).
- Electronic Communications and Information Resources Policy (HR-025)
- Acceptable Use Policy
- Conflict of Interest Policy
- Technology Policy
If you identify yourself as a Vanderbilt employee -- for example, through a bio or comments -- you should include the following language in your bio or account description:
The views and opinions expressed here are not necessarily those of Vanderbilt University, and they may not be used for advertising or product endorsement purposes.
For Twitter or other similar platforms with restrictive word count:
Tweets my own. Or Opinions my own.
If you do not identify yourself as being affiliated with Vanderbilt University, you do not need to include this language.
Vanderbilt University Medical Center Social Media Policy and Guidelines
Vanderbilt University Medical Center faculty and staff must also read and follow this policy and these guidelines before creating a social media presence in which they engage in online discourse and identify themselves with VUMC.
Social media channel policies
All social media sites, such as Facebook, have policies about how they will or will not use your content, what is and is not allowed, etc. Be sure to familiarize yourself with these policies before you launch your channel.
If you have any questions about social media best practices, or need guidance when problems or issues of concern arise, contact the Social Media Team at firstname.lastname@example.org.