Recovering from a Data Breach

Nobody wants to think about the challenges of a data breach. “It won’t happen to me” or “that’s just for the big guys, I’m not a target” keeps us feeling safe, but the truth is a data breach can happen to anyone. In fact, it is estimated that half of cyberattacks are targeted at small businesses. This doesn’t mean it’s time to panic, just be prepared. Here is a quick overview of what to do if your company experiences a data breach.

1. Before the Breach – It’s a great idea to start thinking about your strategy now so that you can mobilize the most effective response in the event that your company experiences a breach. Create a plan that will involve what steps you will take and who will be your active response team. This is also a great time to research potential partners so that you have data security experts at your disposal if you should need to call them in. Responding to a breach is a multi-step process, and it will expedite your response and minimize the breach impact if your company is ready to go should the time arise.
2. Stop the Leak – The first step is to repair any vulnerabilities that may have opened up and stop the breach in its tracks. Exactly how you do this will depend on what type of breach you experienced. In general, consider the following steps:
   • Take any affected equipment offline and, if possible, replace with clean machines to keep your systems running. Investigators will want to see the exact state of any impacted machines, so try not to turn them off, just take them offline.
   • Update Credentials – Change access codes, passwords, and other credentials to lock out any unauthorized users. Make sure to use secure methods of communicating with your team. Never email new credentials. Instead choose word of mouth, or encrypted messaging to get the word out.
   • Consider physical access – If your data breach involved unauthorized physical access make sure to change the locks or entry codes to the server room and restrict access to essential personnel until the investigation is complete.
3. Investigate and Repair – If your company experiences a data breach it is important to understand what happened, how it happened, and how it can be prevented in the future. This will involve specific investigations. Depending on the size and nature of your company, you may have investigators in house, but many companies will want to hire a forensic investigative team to identify the exact path of the breach. This information will help any law enforcement efforts, as well as your internal resolution and rectification efforts.
   • Make sure you are complying with any legal requirements regarding breaches of personal information. Many state and federal laws now have requirements about reporting on any breaches of personal information. It’s important to make sure you are reporting these breaches in a timely manner to remain in compliance and protect your clients’ and users’ personal information.
   • Don’t hesitate to involve law enforcement. It may be tempted to try to keep breach details in-house, but that can be a mistake. Take any issues seriously by contacting law enforcement right away. These teams are on your side and will help you investigate cause and identify bad actors when possible. Your customers and stakeholders will appreciate that you are taking the issue seriously rather than trying to keep it quiet.
4. Customer Relations and Damage Control – When customer data is affected it’s important to minimize the impact to your customers and carefully manage your communications. Be sure to remove any data posted online and take all the necessary steps to protect their data from further vulnerability. Once you have done this, be sure to consult with your legal counsel. Carefully prepare communications and reach out to impacted customers and businesses in a timely manner. When they are quickly informed, they can take steps to protect their identity and minimize the impact of the breach. Be sure to communicate with law enforcement about your notification plans to make sure the timing is appropriate to the investigative efforts.

When a breach happens, many companies fear the worst. But with a solid plan with your database services and quick action, data breaches don’t have to be a game changer. Most customers will be understanding and sympathetic as long as you communicate appropriately, take action in a timely manner, and take the right steps to secure your data against further vulnerabilities. Strength isn’t found in silence it’s found in truth and transparency.