You are here: Blog Tags Addiction

Voyage Tech Blogs

Voyage Technology has been serving the Beaver Dam area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
Font size: +
Subscribe to this blog post
Print

What to Do Before (And After) a Data Breach

Voyage Technology Blog Security
What to Do Before (And After) a Data Breach

One of the biggest myths out there related to cybersecurity is that criminals only go after the big enterprises. Why should they care about your small operation, anyway? In reality, cybercriminals love to attack small businesses to take advantage of their weaker security infrastructures. If you’re not careful, this could lead to serious losses for your business stemming from a loss of trust, legal fees, and operational downtime.

Today, we’re going over what you should do before a data breach, as well as what to do afterward, so you can be as prepared as possible for cyberattacks.

What to Do Before a Data Breach

Develop an Incident Response Plan

If you want to be ready for a cyberattack, it starts by building a plan. You need to build an Incident Response Plan (IRP), a physical or digital document that details what happens in the event of a data breach. This includes resources beyond IT, including your legal counsel, any insurance providers, and your head of communications. With all this at your fingertips, you should be able to execute your plan in a second, should anything bad occur.

Implement the 3-2-1 Backup Rule

On the off-chance your business suffers a data breach, you'll want to have backups and restoration procedures in place. We recommend the 3-2-1 rule, where you maintain three copies of your data, on two different media types, with one off-site copy. Keep in mind this is the bare minimum of what you should accept; we also like to add in having an immutable backup that cannot be edited or changed, just for good measure.

What to Do After a Data Breach

Isolate the Affected Systems

Your first thought, in the event of a data breach, should be to contain the threat. Disconnect the device from the Internet and your physical infrastructure, but do not turn the computer off; experts will need to look at the device to see what the hackers were up to, and turning it off could erase vital evidence. Finally, disable remote access and shut down any VPNs or remote desktop protocols.

Conduct a Forensic Investigation

Now that your systems are isolated, it’s time to root out the cause of the breach and take action. We recommend you work with security professionals, like Voyage Technology, to find out how the attacker got in, like an unpatched software vulnerability or a phished password. If you work with us, we’ll also look for which specific files were accessed or exported, as well as how long the hacker was present on your systems and which accounts have been compromised.

Practice Transparency In Your Communication Strategy

A data breach is devastating in its own right, but it can be just as bad for your reputation if you try to cover it up. You need to effectively communicate to your clients and customers that you are not a liability due to your security breach. We recommend you follow a simple framework in your client-facing communication: start with what happened, explain what you are doing to address it, and what your clients should do in their own response.

Reset All Credentials Across the Organization

If a hacker makes it into your infrastructure, they’ll likely try to use a backdoor to break in again. Use the “nuclear” password option and force password changes across the organization, and be sure to log everyone out of all accounts and devices globally. Furthermore, enable multi-factor authentication for all accounts to prevent a secondary breach.

Is your business adequately protected from and prepared for a cyberattack? Voyage Technology can help you develop the appropriate response strategy, but hopefully it doesn’t come to that. Learn more today about how to minimize your risk by calling us at 800.618.9844.

Tweet
Tags:
Backup Security Small Business

Sign Up For Our Newsletter!

Blog Categories

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Technology Tip of the Week Best Practices Data Business Computing Business Productivity Software Innovation Cloud Hackers Efficiency Hardware Network Security User Tips Internet IT Services Malware IT Support Privacy Workplace Tips Email Google Computer Phishing Workplace Strategy Small Business Collaboration Hosted Solutions Backup Users Managed Service Ransomware Mobile Device Microsoft Productivity Quick Tips Passwords Saving Money AI Communication Cybersecurity Data Backup Smartphone Disaster Recovery Data Recovery Android Upgrade VoIP Business Management Smartphones communications Mobile Devices Windows Browser Social Media Microsoft Office Managed IT Services Current Events Network Tech Term Remote Internet of Things Information Holiday Automation Artificial Intelligence Facebook Miscellaneous Training Compliance Gadgets Cloud Computing Covid-19 Remote Work Server Managed Service Provider Outsourced IT IT Support Employee/Employer Relationship Spam Encryption Office Windows 10 Data Management Business Continuity Government Wi-Fi Business Technology Windows 10 Bandwidth Virtualization Blockchain Vendor Mobile Office Two-factor Authentication Managed Services Apps Data Security Mobile Device Management Tip of the week Chrome Gmail Voice over Internet Protocol Budget WiFi Apple Networking Employer-Employee Relationship App BYOD Computing Physical Security Applications Avoiding Downtime Information Technology Marketing Access Control Office 365 Conferencing Password Managed IT Services How To BDR Hacker HIPAA Router Virtual Private Network Risk Management Website Health 2FA Help Desk Office Tips Analytics Augmented Reality Retail Storage Healthcare Bring Your Own Device Big Data Computers Operating System Display Printer Paperless Office Windows 11 Infrastructure Monitoring Firewall Excel Document Management Managed IT Service Remote Workers The Internet of Things Telephone Scam Data loss Social Cooperation Free Resource Project Management Windows 7 Going Green Patch Management Save Money Microsoft 365 Remote Monitoring Customer Service Vulnerability End of Support Vendor Management Solutions Cybercrime VPN Employees YouTube Meetings Wireless Technology Integration Cryptocurrency User Tip Modem Computer Repair Mobile Security Processor Virtual Desktop Holidays Word Data storage LiFi Data Storage Smart Technology Supply Chain Outlook Video Conferencing Machine Learning Managed Services Provider Money Saving Time Virtual Machines Professional Services Humor Safety Maintenance Antivirus Sports Downloads iPhone Mouse Licensing Vulnerabilities Entertainment Administration Data Privacy Images 101 Customer Relationship Management Telephone System Multi-Factor Authentication Robot Mobility Cost Management Settings Printing Hacking Wireless Presentation Content Filtering IT Management Trend Micro Network Congestion Specifications Security Cameras Workplace Strategies Knowledge Fraud Meta Google Drive User Error Microchip Internet Exlporer Software as a Service Username IP Address Managing Costs Amazon Point of Sale eCommerce 5G Black Friday SSID Experience Virtual Assistant Outsource IT Google Docs Unified Communications Database Surveillance Bitcoin Network Management Running Cable Tech Support IT Technicians Virtual Machine Environment Recovery Media Google Wallet Proxy Server Reviews Cookies Hard Drives Monitors Cyber Monday Medical IT Domains Hotspot Transportation Small Businesses Tactics Development Windows 8 Laptop Websites Mirgation Hypervisor Displays Drones Shopping Nanotechnology Optimization Refrigeration PowerPoint Public Speaking Electronic Medical Records Language Employer/Employee Relationships Outsourcing SharePoint Addiction Management PCI DSS Lithium-ion battery Halloween Chatbots Navigation Entrepreneur Lenovo Gig Economy Screen Reader Writing Distributed Denial of Service Workplace Service Level Agreement Internet Service Provider Virtual Reality Computing Infrastructure Teamwork Hiring/Firing Hacks Server Management Regulations Compliance Scary Stories Private Cloud Identity Evernote Paperless Fun Co-managed IT Superfish Bookmark Identity Theft Smart Tech Memes Undo Deep Learning Download Net Neutrality Twitter Alerts SQL Server Technology Care Financial Data Error History Business Communications Social Engineering Break Fix Scams Browsers Smartwatch Education Connectivity IT Upload Procurement Remote Computing Azure Hybrid Work Mobile Computing Social Network Telework Cyber security Application Multi-Factor Security Tech Human Resources Search Dark Web Cables CES Tablet IoT Communitications Best Practice Trends Supply Chain Management IBM Alert Managed IT Customer Resource management FinTech Buisness File Sharing Regulations Dark Data Google Calendar Term Google Apps How To Microsoft Excel IT Maintenance Legal Data Analysis IT solutions Star Wars IT Assessment Business Growth Gamification Flexibility Notifications Staff Value Business Intelligence Organization Travel Social Networking Legislation Shortcuts Competition Cortana Ransmoware Techology Fileless Malware Digital Security Cameras Google Maps Smart Devices Alt Codes Content Remote Working Wearable Technology Memory Vendors Health IT Downtime Unified Threat Management Motherboard Data Breach Comparison Google Play Be Proactive Permissions Workforce Unified Threat Management Directions Videos Hosted Solution Assessment Electronic Health Records Typing Wasting Time Threats User

Blog Archive

2026
2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
2015