You can’t undo a data breach once it happens, but you can help mitigate the data breach damage and save your firm’s reputation by responding correctly.
Early warning signs of a breached include erratic behavior of computers such as new software suddenly appearing on your hard drive, new features/functions mysteriously added to your web browser toolbar, and antivirus software settings that are changed or turned off seemingly on their own.
Here are four steps you should take if your firm experiences a data breach.
1. Investigate whether it is a Breach?
Determine whether the warning signs you are experiencing are the result of an actual breach or a software glitch. Consult with your software vendors to determine if there is a software bug. If it turns out you’re dealing with a data breach, you will need to identify:
- All the computer systems and applications affected
- The origin of the breach
- The identity of all victims including clients, staff and vendors
2. Contain the Breach
Shut off all possible paths that the breach could be coming through and stop data traffic to those affected areas. This may include:
- Rerouting network traffic
- Obtaining an uninfected backup copy of critical data and restoring it to a new network
- Abandoning the previous infected network
- Changing all passwords
You should also keep track of all the costs and expenses involved in containing the data breach as this will be needed when you file a criminal report and a data breach insurance claim.
3. Notify Those Impacted
Make sure that the affected victims learn of the breach from you and not from the media or other sources. Your firm’s reputation and sheer existence is on the line, how well you manage notifications and when you notify possible victims is of critical importance.
The first people that you want to notify are affected staff. From there you should notify your data breach insurance carrier, local law enforcement agency and the FBI. These entities can guide you on how to contain your data breach and when to notify customers and vendors. Data breach insurance provides valuable support services to help their firms successfully manage data breaches so they can continue after an incident.
4. Manage Client Relations and Communications
How you break the news of the breach to your clients, vendors and the public can be a strong determining factor of whether your firm survives or closes. It’s common to send out an email, but also set up a process and train your staff on how to respond to questions that affected individuals may have. In your communications, it’s important to accept responsibility, explain why the breach happened and the steps you are taking to make things right.
It’s also important that you explain how you will prevent this from happening in the future. Lastly, if you’re providing credit monitoring or any other service or special offer, include information on that in your notifications.