recommended reading

The Complete Guide to Not Being The Weak Link Who Got the Organization Hacked

Every week there are headlines about a company getting its email, website, Twitter accounts or something else hacked. The reason? In a word: Employees.

Each of your accounts and devices is a potential way in for a hacker. “You’re only as protected as your weakest link,” says Tom Cochran, chief technology officer at Atlantic Media (which owns Quartz and Nextgov), and former head of digital technology at the White House. ”All it takes is one person to fall for a phishing scam for your organization to fall for hackers.”

So how you do avoid being that weakest link? Cochran, along with two of Quartz’s developers, Michael Donohoe and Sam Williams, offered a list of ways for people and businesses to secure their online property. Here are  their tips, in roughly increasing order of difficulty.

1. Install “HTTPS Everywhere” on your browser

What: A simple browser extension, HTTPS Everywhere ensures that whenever you go to a website that allows encrypted browsing (such as many email, banking and other sites that store personal information), your browser will default to using the encrypted version, where the address starts with https instead of http.

Why: Encrypted websites “hash” (i.e., scramble) passwords rather than allowing them to travel through the network as clear text. This also means they don’t store your password on their servers, but only the scrambled version of it. So anyone who spies on your internet connection, or manages to hack the server you’ve logged in to, can’t get your password.

This also means you should be wary about sites that don’t use https, or that email you a password in plain text when you lose it. There’s a good list of offending sites at

2. Put a password on your home Wi-Fi

What: Many people leave their Wi-Fi network open, so anyone can use it. Go to the wireless router’s settings—you may have to look at the instructions for how to do this—and put a password on it.

Why: People accessing your network don’t just slow it down. They can “sniff” traffic and data being passed through the network including chat conversations and clear-text passwords (passwords that you type in on insecure networks). By putting a password on your Wi-Fi network, you are at least making it a little bit harder.

3. Put passwords on all your devices

What:  As Cochran writes, “Password protect as much as possible.” Put passwords or lock codes on every device you use that has internet access.

Why: While you may not store the most sensitive company documents on your phone or tablet, someone who gets hold of them can find plenty of useful information in your email. Someone who’s in your email can also pose as you to get passwords or documents out of colleagues. And if you use services like Dropbox or Google Drive to share office documents, your mobile device may give an attacker access to those too.

Read the rest of the security tips in the full story at Quartz.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

  • Communicating Innovation in Federal Government

    Federal Government spending on ‘obsolete technology’ continues to increase. Supporting the twin pillars of improved digital service delivery for citizens on the one hand, and the increasingly optimized and flexible working practices for federal employees on the other, are neither easy nor inexpensive tasks. This whitepaper explores how federal agencies can leverage the value of existing agency technology assets while offering IT leaders the ability to implement the kind of employee productivity, citizen service improvements and security demanded by federal oversight.

  • Effective Ransomware Response

    This whitepaper provides an overview and understanding of ransomware and how to successfully combat it.

  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

  • IT Transformation Trends: Flash Storage as a Strategic IT Asset

    MIT Technology Review: Flash Storage As a Strategic IT Asset For the first time in decades, IT leaders now consider all-flash storage as a strategic IT asset. IT has become a new operating model that enables self-service with high performance, density and resiliency. It also offers the self-service agility of the public cloud combined with the security, performance, and cost-effectiveness of a private cloud. Download this MIT Technology Review paper to learn more about how all-flash storage is transforming the data center.


When you download a report, your information may be shared with the underwriters of that document.