Online security has come a long way since the days of early anti-virus software, but even with strong security measures in place, data breaches can still occur and cause havoc to a business.A data breach usually occurs in one of two ways:
1) When a company’s login information for a system or software has been compromised, leading to a third party having access to business or client data.
2) When a larger software company has been hacked and access to their database of client’s information has fallen into the wrong hands.
Whatever the type of breach, it is important to take immediate action to minimise the potential damage to your business and your customers.
Responding to a breach
There are a few steps you should prioritise if a breach has occurred.
1. Identify the source of the breach (if possible) and the extent of it
Depending on the type of breach, you may be able to identify the source using software logs or from communications directly from the software provider that was compromised. They should also provide information about the specific data that has been accessed by the intruder. If the breach has occurred solely within your business, you will need to check your accounting software for any suspicious activity and make a list of the possible information that the hackers may have gained access to. Having an accurate list of which systems and accounts have been compromised will make it easier to restore and investigate the damage.
2. Change your passwords
The next (equally important) step is to login to the vulnerable account and change your password immediately. Time is of the essence during a data breach. If the breach is on a large scale, the hackers will have gained access to thousands of accounts, so they won’t have time to access them all at once. If you can change your details as soon as you learn of the breach, you have the best chance at protecting your personal information.
If you cannot login to your account using your usual details, try using the ‘reset password’ option or contact the software developer as soon as possible.
3. Download any files
If you’re able to login to the compromised account, download any important information to your company’s server and make a backup. If the hackers eventually go through and delete or corrupt files, you should have a copy of it saved to restore from, saving your business a world of pain!
4. Communication is key
Once the extent of the breach is understood, you need to communicate it to the wider company and to any clients whose data may have been exposed. This can be communicated in many forms- email, phone call, media release- if necessary.
Be honest and sincere. Admit if it was the fault of the company, or explain if it was out of your control. You must detail what was accessed, what you are doing about the breach and what they can expect. The best thing you can do to make your clients feel at ease and protect your company’s reputation is to communicate openly and in a timely manner.
Xenex Systems can help protect you against opportunistic hackers by installing and monitoring security software, making it all the more difficult to access places they shouldn’t. Talk to us today about how we can help and don’t forget to read our related blog ‘Why Is Password Security So Important For A Business?’ for extra tips on data breach prevention.
