What to do After a Data Breach?
You may think that all your company’s data is safe and secure, but the worst could still happen. In fact, 2017 has already seen one in four organizations experience a breach. Given that the chances of a breach are so high there are three things that your company should do if exposed:
Step 1: Perform a Risk Assessment
After the breach happens, the best thing you can do is find out what information was compromised and how it happened. You should assign an expert to lead the investigation and act quickly to find the source of the breach. They should have the knowledge and experience to find the information quickly and accurately. They should do a walk-through of the office to identify areas of risk which could include: the photocopier room, recycling bins, and online policies.
Step 2: Get Expert Legal Advice
Once the source of the breach is identified and it has determined what information has been compromised, it's important that you involve your legal team so they can determine if you need to advise your stakeholders. At times when a data breach doesn't involve confidential information, a disclosure or might not be necessary. Your legal team will know what needs to be disclosed and what legal repercussions, if any.
Step 3: Conduct a Policy Review to Ensure Another Breach Doesn't Happen
You should look at your current policies that your business uses and bring in a third-party information security company, like Shred-it. We will conduct a comprehensive security risk assessment for your company and provide you with recommendations. Consider implementing a Shred-it All policy to take the guesswork out of what does and what doesn't need to be shred. That way everything gets destroyed and you know your information is secure. To make this new process a success, you need to get buy in from the leaders of the organization to ensure you have security in your workplace.
By going through the steps, you will be able to collect yourself after the breach and have a new found focus on information security. To learn more on how to keep your information secure visit our resource center and follow us on Facebook, Twitter and LinkedIn.