recommended reading

The Complete Guide to Not Being The Weak Link Who Got the Organization Hacked

Every week there are headlines about a company getting its email, website, Twitter accounts or something else hacked. The reason? In a word: Employees.

Each of your accounts and devices is a potential way in for a hacker. “You’re only as protected as your weakest link,” says Tom Cochran, chief technology officer at Atlantic Media (which owns Quartz and Nextgov), and former head of digital technology at the White House. ”All it takes is one person to fall for a phishing scam for your organization to fall for hackers.”

So how you do avoid being that weakest link? Cochran, along with two of Quartz’s developers, Michael Donohoe and Sam Williams, offered a list of ways for people and businesses to secure their online property. Here are  their tips, in roughly increasing order of difficulty.

1. Install “HTTPS Everywhere” on your browser

What: A simple browser extension, HTTPS Everywhere ensures that whenever you go to a website that allows encrypted browsing (such as many email, banking and other sites that store personal information), your browser will default to using the encrypted version, where the address starts with https instead of http.

Why: Encrypted websites “hash” (i.e., scramble) passwords rather than allowing them to travel through the network as clear text. This also means they don’t store your password on their servers, but only the scrambled version of it. So anyone who spies on your internet connection, or manages to hack the server you’ve logged in to, can’t get your password.

This also means you should be wary about sites that don’t use https, or that email you a password in plain text when you lose it. There’s a good list of offending sites at plaintextoffenders.com.

2. Put a password on your home Wi-Fi

What: Many people leave their Wi-Fi network open, so anyone can use it. Go to the wireless router’s settings—you may have to look at the instructions for how to do this—and put a password on it.

Why: People accessing your network don’t just slow it down. They can “sniff” traffic and data being passed through the network including chat conversations and clear-text passwords (passwords that you type in on insecure networks). By putting a password on your Wi-Fi network, you are at least making it a little bit harder.

3. Put passwords on all your devices

What:  As Cochran writes, “Password protect as much as possible.” Put passwords or lock codes on every device you use that has internet access.

Why: While you may not store the most sensitive company documents on your phone or tablet, someone who gets hold of them can find plenty of useful information in your email. Someone who’s in your email can also pose as you to get passwords or documents out of colleagues. And if you use services like Dropbox or Google Drive to share office documents, your mobile device may give an attacker access to those too.

Read the rest of the security tips in the full story at Quartz.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • It’s Time for the Federal Government to Embrace Wireless and Mobility

    The United States has turned a corner on the adoption of mobile phones, tablets and other smart devices, outpacing traditional desktop and laptop sales by a wide margin. This issue brief discusses the state of wireless and mobility in federal government and outlines why now is the time to embrace these technologies in government.

    Download
  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

    Download
  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

    Download
  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

    Download
  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.

    Download

When you download a report, your information may be shared with the underwriters of that document.