Monday, 26 August 2013

Costs of a Data Breach: What to Do When the Worst Happens

Every company that handles confidential information should be concerned with the likelihood of a data security breach. But what happens when the worst happens? Do you have a plan in place? Here’s the best way to approach a data security breach:


First, figure out the whole story


Gather as much information as possible and as many specific details as you can surrounding the data breach incident. In order to understand who to notify or how significant the breach will be, you’ll need a complete view of the situation. Accomplish this by gathering all of the leadership involved in the area of the breach, as well as the information you have surrounding the discovery of the breach for review in a meeting.


Second, review your regulations


Once you and your leadership team fully understand the situation, the next step is to review your local regulations. To find out what you should do, use a handy database like the NAPLIA State Security Breach Notification Database to look up the State Security Breach Notification Laws, which are used by all but Alabama, Kentucky, New Mexico, and South Dakota. Then take this information to a specialist to make sure you’re doing what needs to be done.


Next, decide who to notify


No matter what the breach, you may not be sure if you should call the cops, your clients, or your insurance. It turns out that it depends on the severity of the leak! If someone may be harmed as a result, you should immediately notify the police. If you are aware of circumstances that could potentially lead to an insurance claim, you must notify your insurance as soon as possible. Then there are the required notifications to send out as stated in your state notification laws.


Then, decide when to notify them


The earlier you notify your clients (businesses or individuals), the better prepared they can be to mitigate the consequences of a breach. However, notifying your clients before notifying your lawyer, internal leadership, or the police could be a bad move. Make a plan for who you will notify and when so that you don’t risk acting too quickly.


Finally, decide what you’ll say


If you respond to the data breach at random and out of order, you risk not having a cohesive grasp of the situation. Make sure you have a well thought-out communication template for each type of customer that identifies what happened, what your response to the breach will be, and who the individual can contact with further questions.


How to prevent a future data breach


When it comes to security breaches, prevention and planning are key. Taking the time to talk about these issues now while there is no emergency means that when the worst happens, you’ll be calm and collected and ready to respond. You can significantly reduce your risk of an exposure by conducting a risk assessment of your current state and uncovering any holes in your security. Implementing a security policy to address the management of data both on and off your network will protect you from a breach.


At MPC, we specialize in mitigating risk surrounding off-network electronic equipment. When businesses need to address the security of their physical technology equipment, MPC conducts in-depth risk assessments and provides protection against needless threats such as data security, financial, environmental, legal, brand and loss of operational efficiency.







via Business 2 Community http://www.business2community.com/tech-gadgets/costs-data-breach-worst-happens-0596439?utm_source=rss&utm_medium=rss&utm_campaign=costs-data-breach-worst-happens
