EZ MSP Blog
So, Your Data Was Breached… What Do You Do Now?
Data breaches are an unfortunate reality in this day and age, even during the holiday season. While it is important to do everything you can to prevent these kinds of disasters, you need to be prepared to deal with it—both in terms of your operations, and in terms of communicating with your clientele.
Yes, We Know: Part of Our Job is Preventing Data Breaches
Don’t get us wrong, we’ll do everything in our power to help prevent our clients from experiencing a data breach. Having said that, there is only so much we can do to stop them.
Whether we’re talking about zero-day threats, unreported software vulnerabilities, successful phishing attacks, or a lost device going unreported, there are plenty of ways that an attack can slip past even our team. So, while our services and solutions can greatly reduce the number of threats that your team is exposed to, we cannot realistically catch them all. Therefore, we wanted to discuss how you need to respond if your data is eventually breached.
Of course, we’ll also get into a few best practices to help your team avoid data breaches as well.
So, Your Data Was Breached… Now What?
Step One: Notify Everyone Impacted
Let’s make one thing clear… if your company experiences a data breach, it probably isn’t just “your” data that was affected. Anyone whose data you have collected, from your clients to your employees to your vendors, could now be at risk.
This means there are a lot of people you have to alert, just in case their data was impacted in the breach. We do mean “have to”, as well… each of the 50 states has some kind of legislation that sets standards for data breach notification, so not doing so can land you in some very, very hot water, regardless of where you are located or where you do business.
Step Two: Make Things Right with Those Affected
Once you’ve discovered the breach and informed your clients of the situation, it is also on you to make amends to them. This may be to offer a complimentary service to them, or a discount. The one thing you don’t want to do is pretend that nothing happened, or gloss over the situation… particularly if the breach caused issues for them. Have a frank and honest conversation with your clientele, doing whatever you can to help them out.
Step Three: Identify, Disclose, and Rectify the Issue
Internally, you need to make sure you fix whatever problem enabled the breach in the first place. We can help you run a complete network audit to figure out if a problem with your network allowed someone to access your systems, or to find out if someone employed by your company let in the attack (whether or not they meant to).
Once you know why the breach was possible, you need to remove the vulnerability. This may require you to update the defenses you have around your network, or to better educate your team on security procedures and best practices. Either way, you need to do whatever it takes to fix the problem, all the while keeping the affected people listed above apprised of your progress… of course, respecting everyone’s privacy.
Step Four: Do Better, and Restore from Your Backup
This part is simple… whatever needed to be done that wasn’t initially and allowed the breach in, make sure that you implement it into your standard procedures. Any data breach that you survive is a learning experience, if nothing else. Make sure you take advantage of it.
If necessary, you’ll also need to turn to your backup solution to restore any data that was impacted. This can help ensure that you aren’t working with any tainted data without realizing it, so it is probably best to restore from a backup regardless of whether any data appears to be missing.
Practices to Avoid a Data Breach
We frequently go back to a set list of methods for avoiding data breaches, simply because (as of this writing) they are effective means of preventing many data breaches from taking place.
Keep Your Network Protections Up-to-Date
Any attack that doesn’t make it in is one less attack that you need to worry about, which is what the network protections we recommend are for. Ensuring that your spam blockers, firewalls, and antivirus solutions are updated properly can eliminate many threats without your further involvement.
Make Sure Your Staff Remains Vigilant
When it comes to your team, you have the choice of helping them become one of your company’s greatest security resources or one of your company’s greatest vulnerabilities. It all comes down to how well you prepare them to deal with the cyberthreats they are sure to face. Educating and evaluating them and their preparedness to protect your company from things like phishing will be crucial to your overall security, as many cybercriminals actively choose to go after your users instead of tackling your practical defenses directly.
Abide By Best Practices
On a related note, it is important that the entire team also complies with the accepted best practices and standards that you establish for your business. All the protections in the world won’t make a difference if one of your user’s passwords is “Password12345.” Establishing acceptable baselines and enforcing them will be essential to maintaining your security.
Pay Attention to Cybersecurity News
Finally, while not all threats receive the same publicity, it can never hurt to remain apprised of what is happening in the cybersecurity space. While we always promote a proactive approach to cybersecurity, reacting to a sudden uptick in threats that was shared in a trustworthy publication isn’t a bad idea, either.
We’re here to help you do everything you can to avoid a situation where you have to own up to a data breach. Learn more about our cybersecurity solutions by calling (914) 595-2250.