by Laurie Anstis on February 1, 2013
HMV were in the news yesterday for the wrong reasons, when the individual or individuals with access to their official Twitter account (@hmvtweets) caused an internet sensation by using the account to let the world know what they felt about being dismissed. A series of angry tweets ended with:
“Just overheard our Marketing Director (he’s staying folks) ask ‘How do I shut down Twitter’”
This is something that anyone who has corporate responsibility for a Twitter account needs to know, and something that weighed on my mind when I managed the accounts for my firm – just how do you shut down Twitter? If you trust others to post to your Twitter account, what are you going to do if they post things you don’t want to be posted. Even more importantly, how do you make sure that they don’t just walk away with control of a Twitter account that you may have put a lot of time and effort into building up?
The first thing you need to know is that anyone who has access to either the password or the email account associated with the Twitter account has complete control of that account.
With the password, they can change any setting on the account, including the password and the email address associated with the account. This gives them the power to lock anyone else out of the account and make any changes they want. If they quit and join a rival firm, they have the ability to take your account with them. Short of legal threats, applications to court or appeals to Twitter itself there is nothing you can do about it.
If they have access to the email account associated with the Twitter account, then they can simply request a password reset and thereby gain complete control of the account.
The offending HMV tweets have all been deleted now, but the tweets immediately before them are shown as having been posted directly from the Twitter website, which suggests that the employees had full access to the accounts and their settings. If they had been really determined to cause trouble, this could have been much worse for HMV.
So what’s the alternative?
The key thing was to make sure that all posting to the Twitter accounts by employees is done indirectly.
Don’t allow employees direct access to the Twitter accounts or to post directly from the Twitter webpage. Instead, use the likes of Hootsuite and Tweetdeck. Each employee with access to the Twitter accounts can have their own individual Hootsuite or Tweetdeck account, which can then be authorised to access a Twitter account. With this indirect access, employees are still free to post to Twitter, but no employee has the Twitter password or access to the email address associated with the individual Twitter account, both of can then be kept under central control.
Doing things this way won’t prevent rogue tweets, but it does give an answer to the question “how do you turn off Twitter”. If there are problems, the person with central access to the Twitter account can simply log in to Twitter and revoke Hootsuite or Tweetdeck’s access to those accounts. That will immediately cut off any one individual’s ability to post to the account. More importantly, it will also mean that rogue employees have no power to gain complete control of the account and walk away with it.
Kevin Poulter gives his perspective on the situation here.