A compromise of your computer network is very often a confusing experience.
Aside from the fact you can’t actually see where and how your property was tampered with or stolen, the possibility you did your best to secure your systems and still lost data can be unnerving.
So what should you do in the immediate aftermath of a data breach?
1. Disconnect from the Network
The top priority during or after any attack is to isolate the affected machines. If this can’t be done physically, the network should be reconfigured so no data can reach or be transmitted from any of the machines affected by the attack. The reasons for this are fairly obvious but often overlooked in the confusion following a breach. Attackers are likely controlling the machine remotely, so severing the link to the outside network is the best way to prevent an ongoing security issue.
2. Power Down and Image
Putting a compromised machine back into operation will almost always involve restoring data from backups. It is neither practical nor effective to attempt to repair a compromised machine while it is in operation. Any affected system should be powered down and have its disks imaged so they can be analyzed safely elsewhere. Then the machine should be restored to operation with its last known good backup. Once all the security checks have been completed, it can be returned to the network.
3. Security Assessment
Retaining Ottawa IT services from a firm like Bedrock IT or another in your area is often a good way to verify your procedures, the strength of your network and to document any improvements you’ve made to the security regime in your company. Aside from the prudent step of having an objective opinion about your security policies, IT companies that specialize in network security may have options available you hadn’t considered. Even if they can’t come up with anything new, at least you know you’ve taken every step you can.
If you are concerned about your security, you can be sure your customers, vendors and employees are as well. If you have evidence any data you are safeguarding for others has been compromised, you should notify them at once. You should also be certain your notifications are made as soon as possible so as to avoid any secondary damage taking place between the breach and the time when the affected person or persons can take steps to protect themselves.
Data security is always a top priority for companies large and small. Be certain you have a policy and follow it as closely as you can if there is an incident. It will be a great help in the long run.