In the media industry, trust and speed are everything. Journalists, editors, and social media managers rely on platforms like Facebook, Instagram, and X to break news and engage audiences in real time. But with large followings and public-facing accounts, media brands are attractive targets for cybercriminals.
A hacked social media account doesn’t just cause embarrassment, it can result in loss of public trust, unauthorised ad spend, and long-term damage to a publication’s reputation. That’s why Multi-Factor Authentication (MFA), also known as two-factor authentication (2FA) should be a baseline requirement across every newsroom and media operation.
What is MFA?
MFA adds an extra layer of security when logging into an account. Instead of relying on just a username and password, MFA asks for something else to confirm your identity. This could be:
- A code sent by SMS
- A number generated by an authentication app like Google Authenticator or Duo
- A physical security key or biometric scan (fingerprint or face)
Even if someone guesses or steals a password, they can’t access the account without the second factor. That simple extra step can be the difference between staying secure and making headlines for the wrong reasons.
Real-World UK Example: Guardian Cyber Attack
In December 2022, The Guardian newspaper was hit by a major ransomware attack. The incident forced staff to work remotely for weeks and disrupted core publishing systems. Though the full details were not disclosed, the attack began with a suspected phishing attempt, a method often used to steal passwords and access credentials.
While it’s unclear whether MFA was in place or bypassed, the attack highlights how even large, well-resourced media organisations are vulnerable. A single compromised login can open the door to widespread disruption. MFA significantly reduces this risk.
Best Practices for Media Organisations
- Enable MFA for All Admins and Contributors
Every user with access to publishing tools or social media accounts should have MFA switched on. - Review Access Regularly
Check who has admin rights to your Facebook Page, Instagram account, or Meta Business Manager. Remove unnecessary users. - Use Strong, Unique Passwords
Encourage staff not to reuse passwords across personal and professional accounts. - Limit Access Where Possible
Fewer people with access means fewer risks. Assign roles carefully.
How Can we Help?
In a media environment where reputation, speed, and trust are everything, MFA is no longer optional – it’s essential. From protecting your audience reach to preventing PR disasters, adding an extra layer of login security is one of the simplest ways to protect your organisation’s digital assets.
As an RSA Security Gold Partner, we offer solutions which support adaptive MFA, passwordless login, and flexible deployment across cloud and on-premises platforms.
If your newsroom or media organisation needs help getting started – or wants to upgrade from a basic MFA setup – get in touch.
