What To Do If You Have a Data Breach or Experience a Computer/Network Hack or Attack!
Despite your efforts to control access, track assets and create secure procedures for your network, online accounts, and computer systems. Data breaches, Server Attacks, Network Attacks, Account Hi-Jacks, you name it! It can happen, and it does happen. Knowing what to do if you suspect or actually have a problem can make the difference between a minor inconvenience, and a disaster that interrupts your ability to do business! The following steps can help you recover after a breach or hacking incident. The faster you can recover, the sooner you can get back to business!
- Stop the Breach/Stop the Attack:
Isolate any devices or systems that have been identified as being a part of the breach and/or attack. If the hacker has used an email or account to access your systems, close them down to prevent further damage. If a specific computer is infecting other systems on the network, disconnect its network connections and get it offline. Ultimately, the faster you can restrict access to the systems, computers, and or accounts that have been affected, the less damage a hacker can do.
- Examine the Damage:
You’ll need to determine the extent of the damage and which systems, accounts, or users are suspected of being compromised, and which systems are confirmed secure. When you know what has actually been accessed, and what/who has been attacked, you will be better equipped to deal with the overall situation.
- Restore your Systems:
Once the threat has been addressed, you can restore your systems, network, etc so you can continue your normal day-to-day work. If you have a DRaaS or BaaS system in place, your provider will be able to help you recover any lost, stolen, or deleted data quickly. If you don't have any backup systems in place for your critical data, try to work with your in-house IT team to attempt data recovery, and get things back up and running as fast as possible. If you realize you are in over your head, engage with an IT solutions company like Pacific Northwest Computers to help remedy security issues and implement data protection plans for the future.
- Perform an Audit:
Determine how your systems, online accounts, email accounts, etc were accessed. Go over your response to stopping the breach, and the effect the attack/response had on your business. Once you know the answers to those questions, you can make better decisions on how to move forward and be better prepared for the future.
- Learn From Your Mistakes:
After the initial shock has passed and your system is back on track, work with your IT team and or an outside IT company such as Pacific Northwest Computers, and establish a plan to prevent further issues, as well as set up any further needed "safety nets" to limit downtime, enable a quicker response, and prevent any data loss as well as have a system to get data back as quickly as possible. This will lower your risk of further attack as well as better prepare yourself if another attack was to occur. That alone is worth the peace of mind!
For example, If your attacker got in via your email or by exploiting a poorly chosen password, retrain employees to better protect your network. If the attacker used a lost or stolen device, you may need to address inventory tracking. If data was stolen, held for ransom, etc. you have a backup plan for all of your important and critical data! Plus much more.
Isolate any devices or systems that have been identified as being a part of the breach and/or attack. If the hacker has used an email or account to access your systems, close them down to prevent further damage. If a specific computer is infecting other systems on the network, disconnect its network connections and get it offline. Ultimately, the faster you can restrict access to the systems, computers, and or accounts that have been affected, the less damage a hacker can do.
You’ll need to determine the extent of the damage and which systems, accounts, or users are suspected of being compromised, and which systems are confirmed secure. When you know what has actually been accessed, and what/who has been attacked, you will be better equipped to deal with the overall situation.
Once the threat has been addressed, you can restore your systems, network, etc so you can continue your normal day-to-day work. If you have a DRaaS or BaaS system in place, your provider will be able to help you recover any lost, stolen, or deleted data quickly. If you don't have any backup systems in place for your critical data, try to work with your in-house IT team to attempt data recovery, and get things back up and running as fast as possible. If you realize you are in over your head, engage with an IT solutions company like Pacific Northwest Computers to help remedy security issues and implement data protection plans for the future.
Determine how your systems, online accounts, email accounts, etc were accessed. Go over your response to stopping the breach, and the effect the attack/response had on your business. Once you know the answers to those questions, you can make better decisions on how to move forward and be better prepared for the future.
After the initial shock has passed and your system is back on track, work with your IT team and or an outside IT company such as Pacific Northwest Computers, and establish a plan to prevent further issues, as well as set up any further needed "safety nets" to limit downtime, enable a quicker response, and prevent any data loss as well as have a system to get data back as quickly as possible. This will lower your risk of further attack as well as better prepare yourself if another attack was to occur. That alone is worth the peace of mind!
For example, If your attacker got in via your email or by exploiting a poorly chosen password, retrain employees to better protect your network. If the attacker used a lost or stolen device, you may need to address inventory tracking. If data was stolen, held for ransom, etc. you have a backup plan for all of your important and critical data! Plus much more.
