Avoiding data breaches
Tuesday, November 20, 2018
Data breaches are a big thing in the modern millennium due to criminal intent, malicious behavior and mischievous applications on the Internet. Identity theft keeps growing and there is not enough oversight or work being done to fix the problem. People may have personal information such as credit histories, financial data and other items compromised and needing to be corrected or having incorrect records cleared and expunged.
It is not only a blow to a company’s ego that data is lost, information is compromised, security is breached and customers may take legal action against you but also government regulators may be reaching down your back. (?) If you don’t have a proper plan in place you can suffer a major blow to your reputation and also set your company back financially.
Even the best laid plans though will often not be able to prevent the unpredictable. That’s why it’s a good idea to have multiple copies of data locked down since people are fallible and can make simple mistakes that cost your company time and money. However you can minimize damage and time taken to recover. This is also why it’s good to have a plan in place you can implement as quickly as possible to do damage control. Not only is your business livelihood at stake but your employees and all the customers out there.
Lot of times people act after the damage has been done and don’t continually monitor or put their plan into daily action and practice. Often most companies think of security of more an afterthought. Logs should be kept and monitored regularly.
Containing the problem is important as well as hiring a team of forensic experts to prevent future breaches and work with law enforcement. Making sure to get a security expert can help preserve important evidence.
An overall assessment needs to be done to determine systems infected, the extent of damage and the costs for repairs as well as motive and liability.
A team of experts are needed not just in IT but to draft press releases on what you legally have to disclose to the public as well as to employees.
This helps prevent further fines and trouble at the state level. It is a good idea to have a consistent story also when disclosing to the public. Also work with law enforcement to determine when the best time to disclose the leak to prevent it from harming any investigation.
Internal hacks and external hacks have different procedures but it would be smart to have a set of procedures in place since they share similarities. One thing is to make sure to gather further data or evidence once the breach is detected to prevent further damage or deletion of evidence. A paper trail or action plan can also help prove in a court of law that you took the necessary steps at the time which made sense based on the given facts and circumstances.
You may also need to hire a separate hotline or staff just to answer questions regarding a breach. Don’t make it harder for them to get through the phone lines after they just suffered a data loss.
Consider the damage as already been done and your reputation and business will take a hit. What kind of things can you do to win back your customers? The truth always comes out so it is better to have a crisis management team in place already than trying to come up with it on the fly. Have some pre-assembled scenarios and trained public relations, social media experts and answers for the reporters ahead of time so you can control public perception. Highlight what steps have been taken to protect customers and what your company has done above and beyond its basic responsibilities. Keep your media specialist in the loop. Address the rumors.
Learn from what happened to prevent it from recurring. It might have been an embarrassing occurrence but additional systems, funds, policies and plans need to be put in place that were not there before. Additional training for the employees and summary reports about what happened and when and what’s being done should be in a place to easily be publicly accessed. Perhaps new IT or staff need to hired. Perhaps systems need to be upgraded, replaced or an entire audit of the company’s security. Security training needs to be regularly implemented. Restricting and reducing access to critical files needs to be considered. Consider hiring white hackers to do preemptive penetration testing also and have a mock-drill.
Make sure there are no back-doors left from a hack. Continuous monitoring of the network and new software to detect intrusions can turn up more security incidents and make it look like there is poor company security still but even worse is not implementing adequate monitoring and thinking that there are no problems at all. Just because you can’t see anything noticeable doesn’t mean that there are no problems.
Also consider in certain cases having a way to remotely terminate hardware and software in the case of data incident.
Make sure security is applied across the board and simple security procedures implemented such as disabling hardware ports and software ports, locking down the system as well as using filters and file permission and rights managements. Remove any systems that don’t need to be there or hardware cards. Often smash and grab items like laptops, removable media should either be locked down or encrypted. There needs to be internet and email filters as well for messaging programs.
Start your data breach plan today and creating a template for crisis response.
If you would like to learn more you can check out:
How to Survive a Data Breach: A Pocket Guide, by Stewart Mitchell
Also Google “data security” for more ideas.