Information Security Tip #5: Incident Response
Incident Response. Taking steps to protect personal information in your files and on your network can go a long way toward preventing a security breach. Nevertheless, breaches can happen. That’s why Altius IT recommends that organizations have a plan in place to respond to security incidents. Altius IT's tips on customizing your company’s security response plan include:
- Team. Senior management sets the tone for an organization’s commitment to data security. Designate a well-respected senior official to head up your response team.
- Plan. Once you’ve put together your response team, have them draft plans for how your business will respond to different types of security incidents. Sample scenarios may include a lost laptop, servers hacked, internal theft of data, etc.
- Timely. If your staff suspects a breach, investigate it immediately. Waiting days to convene a committee can waste precious time.
- Disconnect. If you suspect a computer breach, immediately sever the compromised computer’s access to the Internet and to your network. To assess the impact, ask your IT staff to preserve any available network logs, file transfer logs, system logs, and access reports. Also investigate if intruders opened files or placed new programs on your computer.
- Contact. Consider whom to inform in the event of an incident, both inside and outside your company. You may need to notify consumers, law enforcement agencies, customers, credit bureaus, and other businesses that may be affected by the breach. In addition, about 40 states have laws addressing data breaches. Have that information on file before you need it.