Do you know what to do if your business experiences a data breach? Is there a plan in place if your company falls victim to ransomware? Although no one wants to think about a data breach scenario, it’s best to have a cyber breach response plan if your network has been hacked and your company’s critical data is now being held for ransom.
5 critical steps to take when faced with a data breach
Step 1: Lock down the network and stop the security breach. Apply an access list for both incoming and outgoing traffic. Although this poses an inconvenience for many, it is necessary to restrict traffic throughout your network, and it is necessary to either restrict, or possibly disconnect internet access while filters and access lists are applied.
Step 2: Change ALL user names and passwords. Once your network has been compromised you do not know which user names and passwords were also compromised. Require users to change their passwords with a lockout policy of three incorrect attempts. This is also a great time to implement Multi-Factor Authentication if you haven’t already.
Step 3: Logs are the key to identify the extent of the breach. Did a teenager just turn your production database server into a Minecraft gaming server, or did a hacker just copy all of your financial information? Copy all logs from key servers and firewalls to a centralized storage device.
Step 4: Analyze. Use security tools to comb through the logs and evaluate what was accessed. This is far too complicated of a step to be done by hand; it requires the automation of specialized security software. Nettology has the tools that can execute these scans to pinpoint what has been accessed.
Step 5: Gather the results and discuss them. Collaboration and communication between IT staff, management, and possibly even the legal team is essential. Hackers are very good at what they do; there is no time for finger pointing or trying to decide who is at fault. Work together, communication is the key.
Why wait for a data breach to occur?
Why wait to have your company and your customer data stolen? Nettology can conduct external and internal network vulnerability assessments that will spot weaknesses that hackers can exploit to gain entry into your data network.
We also offer cost-effective backup and disaster recovery solutions that provide state-of-the-art cyber security protection for your company.