How to Handle an IT Security Breach at Your Business

IT Security Breach at Your Small Business: What Do You Do Now?

You wake up one morning to the news no small business owner wants to hear. There has been an IT security breach. Systems are down, data is lost, or customer’s financial information has been stolen—or all of the above. What steps can you take immediately to mitigate the damage and restore function and trust to your IT systems?

Focus on Identifying the Problem

Now is not the time to play the “blame game” or try to figure out whether the attack could have been prevented. Right now, your number one concern is to identify the nature and source of the attack so you can stop it. Look at the symptoms and the compromised data. Was this the result of a virus, a DDoS attack or some other threat? Contact an IT professional to help you pinpoint the nature of the attack and the point of entry so you know how to address it.

Contain the Attack

As soon as you can identify the nature of the security breach, the next step is to cut ties at the point of compromise to prevent further theft or damage. Immediately disconnect and quarantine any compromised computers and devices from the network so viruses can’t spread. Change passwords throughout the network, even for staff whose devices weren’t compromised.

Evaluate the Damage

Once the threat has been neutralized, it’s time to take a hard look at the damage. What data was compromised, stolen or destroyed? Are affected systems still usable? Will hardware need to be replaced. An IT professional can help prepare a comprehensive report.

Begin Restoration Processes

At this point, you can begin taking steps to restore devices and data. Any compromised computers that are still usable need to be thoroughly disinfected of malware and restored to pre-attack conditions, if possible. Hopefully, you’ve got an offsite backup of your data that you can use to piece together missing files.

Notify Affected Customers

If the security breach compromised your customers’ personal or financial information, you have an obligation to notify them of the breach, what information was compromised, what you are doing about it, and what they need to do to protect their information going forward.

Create a Plan of Action

At this point, you’re finally ready to delve into how and why this breach occurred and develop a plan of action to prevent a recurrence. Did the breach occur because of faulty or nonexistent security, weak passwords or employee ignorance? Identify the point(s) of weakness, install new hardware/software as needed, and educate your team on proper security protocols going forward.

If your Orange County small business has been the victim of an IT security breach, or if you’re concerned about your vulnerabilities, we can help. Call us today at 1-877-NetServ.

SUPPORT PORTAL     |     Phone Support: 714-617-7119