So you've experienced a data breach—now what? Seventy-two percent of businesses that experienced a data breach closed-up shop within 24 months.
To avoid detrimental loss to your business from a data breach, follow these tips to recover.
1. Gather Evidence and Investigate
A data breach is never convenient. However, when you take immediate action, you can reduce harmful business effects, such as loss of market value or sensitive information falling into the wrong hands. Critical steps to take include:
- Work with your IT team or third-parties to assess the breach, gather evidence and prevent additional damage. Collecting evidence right away can also uncover a trail leading to responsible parties before it is lost or compromised.
- Conduct a cyber threat assessment to uncover vulnerabilities that may have gone unnoticed and to help ensure that the attack has been mitigated. A proper assessment will look for a wide variety of risks, such as misconfigured software, missing security patches, and weak passwords.
- Notify law enforcement of your company’s data breach; additional resources may be available to assist with the response and any subsequent investigation.
2. Notify and Restore
Your next steps will vary depending on the type and severity of the breach, but restoring systems and notifying those affected are critical objectives. Systems may need to be reconfigured or rebuilt from backups, which can be a time consuming process – especially if they were damaged by the attack.
Notification may involve vendors, customers, employees and anyone else impacted by the breach. Every situation is unique, but the sooner you alert affected parties, the faster they are able to prevent avoidable damages, such as identify theft, from occurring. However, before proceeding, become familiar with your state’s regulations and guidelines. Security breach laws vary by location and are broken down by:
- Who must comply with regulations (i.e. businesses, government entities).
- Definition of personal information.
- What defines a security breach.
- Notice requirements.
3. Create Prevention Policies
Although you cannot go back and prevent a data breach from occurring, you can decrease the chance of another one happening in the future. Create policies that will prevent company information from being compromised, and audit regularly to ensure compliance. Common data security policies include:
- Secure mobile devices. Employees should password protect all smartphones, tablets and computers that host company information. Mobile Device Management (MDM) tools can also be used to track and disable devices when necessary.
- Establish a security engagement program. This program will educate employees on company security measures with real-life examples and training.
- Install anti-virus and network monitoring software. If your company does not already utilize security scanning and monitoring tools, now is the time to invest. Work with your security vendor and IT team to evaluate options.
- Encrypt company data. Sensitive data should be protected “at rest” and “in transit” to reduce the risk of theft. Security can also be increased by restricting data access to those with legitimate business needs.
- Back-up information in a secondary location. Storing company information in one or more secondary locations, such as the cloud, can add an additional layer of security and prevent data from being lost.
- Schedule IT check-ups. Conduct regular reviews to ensure security and IT equipment is working properly and up-to-date.
- Secure ancillary systems connected to company networks. Secure systems, such as IP video surveillance and heating, ventilating, and air conditioning (HVAC), to prevent hackers from accessing your network through this equipment. Ensure that servicing vendors follow established security procedures- especially if they are connecting to your network.
What policies does your business enforce to prevent data breaches? Share with us in the comments below.