Presented by James Phetteplace
July 16, 2025 | Hosted by Social Media Breakfast Madison
In a world where one rogue login can compromise your organization’s entire online presence, this month’s Social Media Breakfast Madison was a wake-up call: Are you really in control of your social media accounts?
James Phetteplace, an IT veteran with nearly 30 years of experience (half of which was spent as an IT Director), shared real-world stories, preventative strategies, and a roadmap for protecting your brand from one of the most overlooked threats in digital marketing—social media lockout.
Couldn’t attend? We’ve captured the key takeaways, insights, and strategies below! Sincere thanks to volunteer, Joe for writing the recap of this event. And kudos to Bryant from VEDUB Media for the photo recap of the event. You can also watch the event recap on our Social Media Breakfast Madison YouTube channel. Check out the What’s Next section at the bottom of this page for a link to the PDF Avoid the Lockout: Social Media Safety for Your Team.
The Real Risk: Your YouTube Channel Could Disappear Tomorrow
James opened with a true story: A nonprofit’s YouTube channel had grown to over 20,000 subscribers—only to lose access completely when a staff member left with the login credentials. The result? Years of content, engagement, and community gone. The organization had to start from scratch.
This isn’t a one-off case. Whether it’s a staffer creating accounts with personal emails or using shared passwords with no master list, many organizations unknowingly gamble with their digital presence.
Why Teams Lose Access
James outlined the common culprits:
– Logins tied to personal email accounts
– Weak or shared passwords
– No onboarding/offboarding processes for new/departing staff
– Unclear ownership/responsibility
Platforms like Meta (Facebook), X (formerly Twitter), and YouTube are especially vulnerable to these issues due to how their admin systems are structured.
What’s at Stake
Losing access doesn’t just mean downtime. It can lead to:
– Reputation damage
– Lost community trust
– Disrupted communication with your audience
– Former staff still having control over accounts
Unlike Elmo’s X account (which made headlines when it was hacked), small organizations may not have the visibility—or resources—to bounce back.
Business Continuity for Social Media
James urged attendees to treat social media access as a Business Continuity and Disaster Recovery (BC/DR) issue, just like data backups or server crashes.
Business Continuity (BC) is about keeping essential business functions running during a disruption. Disaster Recovery (DR) is about restoring data and systems after a disruption.
BC/DR for social media includes:
– Platform inventory with account owners & roles
– Secure password storage
– Communication & recovery plans
– Regular testing and audits
Domain = Digital Identity
James emphasized: Your domain is the root of everything.
Losing access to your domain means losing access to email, websites, and platform recovery options. Always:
– Enable domain auto-renewal
– Use backup off-domain emails
– Make sure more than one person has registrar access
Red Flags to Watch For
– No centralized login list
– Only one person with admin access
– MFA tied to someone’s personal device
– No offboarding process
If these sound familiar, it’s time to act.
What You Can Do Today
– Make a list of all your org’s platforms
– Check who has access (and what level)
– Migrate logins to org-owned accounts
– Turn on two-factor authentication (2FA) with team-managed backup
Long-Term Protection
– Use role-based email accounts (e.g., social@yourorg.org)
– Adopt a password manager like LastPass or Bitwarden
– Share documented logins with leadership
– Include social access in offboarding procedures
– Assign a “social media steward” to oversee access and safety
If It’s Already Too Late…
– Try logging in from known devices
– Check if any former admins still have access
– Visit the platform’s help center
– Report hacked accounts and submit business documentation
– Update your access procedures to avoid future issues
The Social Media Access Safety Checklist
Attendees received a practical checklist to help secure their organization’s platforms—everything from MFA setup to recovery contact info and access documentation. You can download it at smbmad.org or contact the organizers for a copy.
Key Takeaways
- What happens when organizations lose access to social media accounts
- How to spot red flags around account ownership and access
- Tools and policies to help your organization stay in control
Final Thoughts
Bottom line? Don’t wait until you’re locked out to act. Protect your access now, and build resilience into your digital systems—because the health of your brand depends on it.
Special thanks to James Phettplace for equipping us with real-world insight and actionable tools to secure our social media presence.
What’s Next
Download the PDF Avoid the Lockout Social Media Safety for Your Team from James Phetteplace from Erawatech.
Stay tuned for next month’s event and, as always, subscribe & follow @SMBMad for updates and more recaps!
Speaker Bio
James Phetteplace is the founder of Erawatech, where he helps nonprofits and mission-driven teams make peace with technology. With more than 28 years of experience in IT and digital strategy, he builds calm, resilient systems that organizations can manage with confidence.
James brings a trauma-informed approach to tech, recognizing that overwhelm and past frustrations often shape how teams interact with digital tools. His work helps organizations regain control of their platforms, avoid preventable risks, and focus on what they do best.
Big Thanks to Our Sponsors and Volunteers
SPONSORS:
