Blog

So, Your Data Was Breached… What Do You Do Now?

So, Your Data Was Breached… What Do You Do Now?

Data breaches are an unfortunate reality in this day and age, even during the holiday season. While it is important to do everything you can to prevent these kinds of disasters, you need to be prepared to deal with it—both in terms of your operations, and in terms of communicating with your clientele.

Yes, We Know: Part of Our Job is Preventing Data Breaches

Don’t get us wrong, we’ll do everything in our power to help prevent our clients from experiencing a data breach. Having said that, there is only so much we can do to stop them.

Whether we’re talking about zero-day threats, unreported software vulnerabilities, successful phishing attacks, or a lost device going unreported, there are plenty of ways that an attack can slip past even our team. So, while our services and solutions can greatly reduce the number of threats that your team is exposed to, we cannot realistically catch them all. Therefore, we wanted to discuss how you need to respond if your data is eventually breached.

Of course, we’ll also get into a few best practices to help your team avoid data breaches as well.

So, Your Data Was Breached… Now What?

Step One: Notify Everyone Impacted

Let’s make one thing clear… if your company experiences a data breach, it probably isn’t just “your” data that was affected. Anyone whose data you have collected, from your clients to your employees to your vendors, could now be at risk.

This means there are a lot of people you have to alert, just in case their data was impacted in the breach. We do mean “have to”, as well… each of the 50 states has some kind of legislation that sets standards for data breach notification, so not doing so can land you in some very, very hot water, regardless of where you are located or where you do business.

Step Two: Make Things Right with Those Affected

Once you’ve discovered the breach and informed your clients of the situation, it is also on you to make amends to them. This may be to offer a complimentary service to them, or a discount. The one thing you don’t want to do is pretend that nothing happened, or gloss over the situation… particularly if the breach caused issues for them. Have a frank and honest conversation with your clientele, doing whatever you can to help them out.

Step Three: Identify, Disclose, and Rectify the Issue

Internally, you need to make sure you fix whatever problem enabled the breach in the first place. We can help you run a complete network audit to figure out if a problem with your network allowed someone to access your systems, or to find out if someone employed by your company let in the attack (whether or not they meant to).

Once you know why the breach was possible, you need to remove the vulnerability. This may require you to update the defenses you have around your network, or to better educate your team on security procedures and best practices. Either way, you need to do whatever it takes to fix the problem, all the while keeping the affected people listed above apprised of your progress… of course, respecting everyone’s privacy.

Step Four: Do Better, and Restore from Your Backup

This part is simple… whatever needed to be done that wasn’t initially and allowed the breach in, make sure that you implement it into your standard procedures. Any data breach that you survive is a learning experience, if nothing else. Make sure you take advantage of it.

If necessary, you’ll also need to turn to your backup solution to restore any data that was impacted. This can help ensure that you aren’t working with any tainted data without realizing it, so it is probably best to restore from a backup regardless of whether any data appears to be missing.

Practices to Avoid a Data Breach

We frequently go back to a set list of methods for avoiding data breaches, simply because (as of this writing) they are effective means of preventing many data breaches from taking place.

Keep Your Network Protections Up-to-Date

Any attack that doesn’t make it in is one less attack that you need to worry about, which is what the network protections we recommend are for. Ensuring that your spam blockers, firewalls, and antivirus solutions are updated properly can eliminate many threats without your further involvement.

Make Sure Your Staff Remains Vigilant

When it comes to your team, you have the choice of helping them become one of your company’s greatest security resources or one of your company’s greatest vulnerabilities. It all comes down to how well you prepare them to deal with the cyberthreats they are sure to face. Educating and evaluating them and their preparedness to protect your company from things like phishing will be crucial to your overall security, as many cybercriminals actively choose to go after your users instead of tackling your practical defenses directly. 

Abide By Best Practices

On a related note, it is important that the entire team also complies with the accepted best practices and standards that you establish for your business. All the protections in the world won’t make a difference if one of your user’s passwords is “Password12345.” Establishing acceptable baselines and enforcing them will be essential to maintaining your security.

Pay Attention to Cybersecurity News

Finally, while not all threats receive the same publicity, it can never hurt to remain apprised of what is happening in the cybersecurity space. While we always promote a proactive approach to cybersecurity, reacting to a sudden uptick in threats that was shared in a trustworthy publication isn’t a bad idea, either.

We’re here to help you do everything you can to avoid a situation where you have to own up to a data breach. Learn more about our cybersecurity solutions by calling 603-889-0800.

By accepting you will be accessing a service provided by a third-party external to https://www.whitemtn.com/

Related Posts

Your business’s data is one of the most important assets your company has, and with the bat of an eyelash, it could all be gone. Imagine an unexpected hardware failure causing your business downtime and severe data loss. All businesses should be awar...
It doesn’t take much to derail a business. Even the slightest disruption in power can lead to an unexpected power-down, and something as simple as a severe rainstorm could lead to floods that wash away your data. The point stands that you have everyt...
September 30th is Disaster Preparedness Day. This gives us a great reason to go over some of the most common disasters that can potentially affect your businesses. There are dozens of potential disasters to choose from, but since we’re an IT company,...
We always picture hackers as these foreboding, black-clad criminals, smirking through the shadows cast in their dark room by their computer monitor. Hardened, uncaring individuals who don’t go outside very often, staring at code as if they were able ...
Even the most innocent Internet user can fall victim to the stray hacking attack, and it’s all thanks to the manner in which malware reverse-engineers software. This process is how a hacker finds vulnerabilities in software. However, a new security c...
Databases are exceptionally useful for allowing access to important data, but they by default expose data to risks depending on how they are stored. If a database is stored in the cloud, for example, it could potentially be exposed to threats that pu...
Disasters are more common in the business world than you might think, be they natural disasters that level your office or simple electrical problems that spark a structural fire. A business-threatening disaster could occur at any moment, and it is yo...
Not all businesses will look at disaster recovery the same way, but if you want your business to have the kind of continuity that will allow it to get through tough situations, doing your best to formally create a disaster recovery policy will put yo...
It doesn’t matter if you are a small locally-owned business or a larger-scale enterprise. Network security is equally important, as all businesses by default collect valuable information for hackers. It makes sense to protect your valuable assets, an...
For many Windows users, the fact that Microsoft is issuing Windows 10 incrementally came as a shock for those who patiently waited for its release date. While users wait, however, hackers are taking advantage of those who are less patient by creating...
One minute you’re browsing trusted sites on the Internet, the next, your PC freezes up and displays the dreaded blue screen of death, along with a fake tech support message. This strain of malware is duping plenty of computer users into calling the p...
One of the latest vulnerabilities in open-source software can be found in 7zip, a file archiver and decompresser. 7zip has been found to have several security vulnerabilities which have software developers rushing to fix their products. The damage do...

Onsite Service Coverage Area

Although we provide remote services and support to businesses in over 20 states, onsite services are limited to within reasonable driving distance from our offices in NH.  We will manage a local vendor for locations outside of our service area to provide onsite assistance when needed.

 

Onsite Computer Support Services are available to businesses within 60 miles of Nashua New Hampshire. We have excellent onsite coverage from Concord NH, south through Manchester NH, and then down into Boston. From Northern and Central Mass, we cover from Worcester, east to the North Shore, including the Salem and Portsmouth NH area.

 

White Mountain IT Services


33 Main Street, Suite 302
Nashua, NH 03064

 


121 Riverfront Drive
Manchester, NH 03102

603-889-0800

Open Positions