Posted by: Jeff Cutler
It’s 2014. Your facility and your data are as secure as they ever were. That’s to say they’re not secure at all and you’d better come to terms with that reality. While there’s a lot you can do to maintain a little sanity in a world that’s seeing new systems breaches daily, sometimes the best plan of attack might be a plan for mitigation.
Now wait a moment. I didn’t plan on starting your new year with a ‘sky-is-falling’ missive. There’s no need to become a Luddite. I just want to share with you some common-sense action items for keeping damage to a minimum when (not if) a data or facility breach occurs.
One caveat… if you think it can’t happen to you, you haven’t read Sharon Fisher’s latest post about crooks breaking into ATMs using thumb drives. Yeah, it can happen!
OK. Scared yet? Let’s list a few tasks to implement when (and even before) you discover you’ve been hacked…
1 – Have a plan in place BEFORE a breach occurs. Know which IT teams will be called in to deal with physical and technical damage/remediation. Know which communication and administration teams will be leveraged to deal with image and community response.
2 – Understand fully how your backup strategy and processes affect your recovery efforts. Also have a cheat sheet on hand for the CTO, COO and CEO so they can have clarity when making decisions about next steps.
3 – Contact your legal team and your compliance task force/committee (you do have people focused on compliance, don’t you?). Find out from them where the company stands in a worst-case scenario – one where all data is gone. Then work backward, looking at situations where only certain levels of data have been compromised.
4 – Use the breach as a learning tool. On the consumer side, look at Target and Snapchat. Both breaches are still in the news, and Snapchat looks like it might come out of this looking better than Target because they kept some data protected. If you read all the information, though, the folks at Snapchat were warned about their poor security numerous times and didn’t do anything to change their protection.
5 – Request a complete situation report from your internal IT teams and from your data services providers. If this level of support isn’t part of your SLAs, then make sure it’s written into all your agreements moving forward. The only way to prevent issues in the future is to fully understand what left you vulnerable in the past.
6 – Finally, don’t be tight-lipped about the situation once you’ve got a handle on it and plugged the leak. Knowledge can be your greatest asset in-house. Let your entire organization know what happened, what was done to fix the problem and what’s being done to prevent similar breaches and security issues in the future. A well-informed workforce tends to speak up when they see something out of the ordinary.
What’s the worst breach/security lapse your firm has experienced? What did your management and IT staff do to fix it and to move forward?