Building a Compliant & Secure Social Selling Strategy for Regulated Industries

Social media is now a standard sales tool for businesses, pressing businesses to implement effective and viable social selling strategies. However, alongside selling, organizations need to be aware of security – especially the security of the social media and mobile chat applications they want to enable. While selling via social media platforms is now normal, such practice can expose organizations to compliance and security risks.

These organizations need to find the right balance between three forces:

1. Leveraging social media to accelerate sales and marketing through authentic customer engagement
2. Reducing regulatory risk exposure
3. Detecting and responding to cybersecurity threats to employees that may come through social media, such as spear-phishing or social engineering

Highly-regulated industries can face significant financial penalties for social media misuse. In fact, the Securities and Exchange Commission (SEC) collected $4.7B worth of fines in 2020. Enforcement cases from the Financial Industry Regulatory Authority (FINRA) have also increased across the board. New guidelines have also made data privacy and data residency requirements more complex, not just in the US but across the globe.

It’s important that companies have an exact grasp of what they can and can’t do when building a social selling strategy. Here are some strategies to get you started.

Social Selling 101

Social selling techniques are a relatively new approach to regulated industry sales.

Social selling is the process of researching, connecting, and interacting with customers and prospects on social media networks (Twitter, Facebook, LinkedIn, etc.) By commenting on, liking, and sharing prospects’ and customers’ posts, salespeople create and cultivate relationships with buyers. In doing so, sellers improve their credibility by taking an interest in what their customers/prospects are interested in.

Social selling is similar to lead nurturing; sales and marketing teams need to put in the time and effort to establish these relationships.

A social selling strategy is highly beneficial to organizations who want to improve sales efforts. According to LinkedIn:

• Social selling leaders create 45% more opportunities than peers with a lower social selling index (SSI).
• Leaders are 51% more likely to reach quota when they employ social selling techniques.
• 78% of social sellers outsell peers who don’t use social media.

Social selling leaders get better results

A strong, thriving social media presence enables life sciences, financial services, and other highly-regulated industries to establish safe and steady returns. Research reveals 70% of Americans trust people they know more than general populations/brands. For financial services in particular, 48% of retail investors trusted their financial advisors because of the technology they use.

The Challenges of Social Selling

A social selling plan can drive a 32 % increase in leads in the pipeline – but it’s not without its business risks.

When organizations fail to address the risks involved with a social selling strategy, they can lead to serious financial disputes and non-compliance issues. Cases in point:

• A Mutual Life Insurance Co. subsidiary in Massachusetts was fined $4M as a settlement after securities regulators from the state opened an inquiry into their employees’ social media and trading activity. This included Keith Gill, an employee who was also involved in the #WallStreetBet reddit craze that rapidly increased the value of GameStop Corp.’s stock price in 2021.
• Pharmaceutical company Duchesnay, on the other hand, received a serious warning letter from the Food and Drug Administration (FDA), after social media influencer Kim Kardashian posted about their anti-nausea drug Diclegis while neglecting to mention its side-effects. FDA demanded Duchesnay publish a “corrective message” to minimize the fallout of Kardashian’s ‘volatile’ post.

58 % of companies now view compliance as a barrier to entering new markets. But for highly-regulated industries, they are required by law to keep archives of all their communications, which includes their social media posts and messages.

Relying on the platform itself isn’t an option, however, since the data-integrity and archiving standards of social media platforms don’t often meet the standards demanded by these industries.

Social Media’s Additional Security Issues

Pharma, life sciences, and other highly-regulated industries are not only worried about meeting compliance requirements. Ultimately, like other businesses, these enterprises are plagued by security concerns and issues due to the expanded risk surface that social media brings.

These are the most common threat vectors facing sales and marketing teams, as well as end users, in a social selling program:

Account Takeovers

Account takeovers (ATO) are identity theft attacks where a threat actor gains access to a user’s social media account. After takeover, threat actors can (1) attack externally by launching phishing scams against the account’s connections, or (2) perform a more silent takeover to gain back-end access into an organization or (3) deface the account to damage the account holder’s brand and reputation.

Spear Phishing & Data Loss

Spear phishing is a targeted, low-volume, highly personalized, social engineering attack.   Unlike the bulk phishing emails that most phishers do, spear phishers use private information gleaned from social media to go for specific targets based on what they know about their prospective victims.

Threat actors can target employees and establish trust via information gleaned from social media including, interests, location, affiliations, etc. Once the victim lets their guard down, hackers can convince targets to wire money, give away confidential information, or download a malicious file, which leads to data theft and loss. 

Malicious Content

Law Insider defines malicious content as, “any viruses, malware, ransomware, trojan horses, computer codes or any software or hardware designed to disrupt or destroy any [ICT] operations partially or as a whole.”

Social media users have a higher risk of being exposed to such content because social media platforms don't often provide ways for users or companies to identify malicious content or profiles that advertise and share them. Knowing threat actors find it easiest to get their victim’s information on social media, the potential for the spread of malicious content increases greatly.

These concerns make social selling techniques a challenge for highly-regulated companies. The more ingrained social media becomes with core business processes, the further the attack surface expands.

Tips for Social Selling Securely

87 % of organizations see risk management as reactive and costly rather than proactive. This is the wrong viewpoint. Risk management is essential. For companies wanting to reap the benefits of a social selling plan without adding risk, here are some tips:

1. Optimize your social media profile. An incomplete or outdated profile will make your visitors think your account is a fake or illegitimate.
2. Share content to build credibility, especially success stories. Create posts, blogs, or articles and share them to make you more credible. Success stories work best, because customers often prefer hearing from other people’s experiences.
3. Pay attention to the comment section and watch out for customer support opportunities. Customers love attentive brands with quick response times.
4. Be consistent. According to Dan Tyre from Hubspot, “the key is to have three or four interactions within 10-12 days, which shows professional persistence without overwhelming your prospect.”
5. Track engagements. Be mindful of the amount of likes, comments, and shares on your profile and your posts. High engagement indicates content that resonates well with your audience.
6. Know when to move conversations off social media. After establishing a solid connection, offer to hop on a call with your prospect. This will help you understand more about their pain points and their needs.
7. Seek referrals. One effective way to do this is to check out their LinkedIn profiles and see if you have mutual connections.
8. Protect your social media assets with proactive defense. Deploy a robust cybersecurity solution that will proactively scan both the surface and the deep dark web for imposter social media accounts, as well as monitor, detect, flag, and quarantine compromised social media communications.
9. Respond to threats in real-time. Establish a social media protocol that automatically responds to botnet attacks, hacks, and takeovers. Real-time detection of malicious content or account takeover attacks is the first step.

Learn from Real-Life Examples

The challenges of social selling underline the need for a solution that ensures compliance across a company’s tech stack, including their social media apps and accounts. The solution must be able to scale to meet the volume and velocity of social media messages. Machine Learning is a must here. Social media is a rapid medium. If an organization wants to gain the business benefits while reducing compliance and security overhead costs, the solution must be able to keep up. Natural Language Understanding is key to delivery consistent compliance and security policy application. Some companies have begun to apply this technology, with great success. 

• A national $70B+ insurance company wanted to genuinely engage with their new and existing customers on social media, but are struggling with keeping their broker communications compliant.
  
  With the help of Safeguard Cyber’s compliance solution, the enterprise now supervises 87,000+ messages for compliance per year across 900+ broker social accounts. Moreover, SafeGuard Cyber’s platform detects 2,000+ policy violations every month, quickly setting them up for review and remediation.

• A Fortune 500 global pharmaceutical company also needed to engage with customers authentically across multiple brands on social media while staying compliant.
  
  Working with Safeguard Cyber, they have now automated policies for industry regulations through language-agnostic machine learning, automatically capturing and securing 2,200 posts across 29 accounts per month.

Social selling has opened many doors for many companies to boost their marketing and sales. Any organization can access these benefits, so long as they ensure a safe and compliant social selling strategy. SafeGuard Cyber’s robust compliance platform can help. See SafeGuard Cyber in action here.

If you are interested in learning more about the SafeGuard Cyber solution, you can take a quick 5-minute tour.