You are here: Blog Calendar

Voyage Tech Blogs

Voyage Technology has been serving the Beaver Dam area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
Font size: +
Subscribe to this blog post
Print

What to Do Before (And After) a Data Breach

Voyage Technology Blog Security
What to Do Before (And After) a Data Breach

One of the biggest myths out there related to cybersecurity is that criminals only go after the big enterprises. Why should they care about your small operation, anyway? In reality, cybercriminals love to attack small businesses to take advantage of their weaker security infrastructures. If you’re not careful, this could lead to serious losses for your business stemming from a loss of trust, legal fees, and operational downtime.

Today, we’re going over what you should do before a data breach, as well as what to do afterward, so you can be as prepared as possible for cyberattacks.

What to Do Before a Data Breach

Develop an Incident Response Plan

If you want to be ready for a cyberattack, it starts by building a plan. You need to build an Incident Response Plan (IRP), a physical or digital document that details what happens in the event of a data breach. This includes resources beyond IT, including your legal counsel, any insurance providers, and your head of communications. With all this at your fingertips, you should be able to execute your plan in a second, should anything bad occur.

Implement the 3-2-1 Backup Rule

On the off-chance your business suffers a data breach, you'll want to have backups and restoration procedures in place. We recommend the 3-2-1 rule, where you maintain three copies of your data, on two different media types, with one off-site copy. Keep in mind this is the bare minimum of what you should accept; we also like to add in having an immutable backup that cannot be edited or changed, just for good measure.

What to Do After a Data Breach

Isolate the Affected Systems

Your first thought, in the event of a data breach, should be to contain the threat. Disconnect the device from the Internet and your physical infrastructure, but do not turn the computer off; experts will need to look at the device to see what the hackers were up to, and turning it off could erase vital evidence. Finally, disable remote access and shut down any VPNs or remote desktop protocols.

Conduct a Forensic Investigation

Now that your systems are isolated, it’s time to root out the cause of the breach and take action. We recommend you work with security professionals, like Voyage Technology, to find out how the attacker got in, like an unpatched software vulnerability or a phished password. If you work with us, we’ll also look for which specific files were accessed or exported, as well as how long the hacker was present on your systems and which accounts have been compromised.

Practice Transparency In Your Communication Strategy

A data breach is devastating in its own right, but it can be just as bad for your reputation if you try to cover it up. You need to effectively communicate to your clients and customers that you are not a liability due to your security breach. We recommend you follow a simple framework in your client-facing communication: start with what happened, explain what you are doing to address it, and what your clients should do in their own response.

Reset All Credentials Across the Organization

If a hacker makes it into your infrastructure, they’ll likely try to use a backdoor to break in again. Use the “nuclear” password option and force password changes across the organization, and be sure to log everyone out of all accounts and devices globally. Furthermore, enable multi-factor authentication for all accounts to prevent a secondary breach.

Is your business adequately protected from and prepared for a cyberattack? Voyage Technology can help you develop the appropriate response strategy, but hopefully it doesn’t come to that. Learn more today about how to minimize your risk by calling us at 800.618.9844.

Tweet
Tags:
Backup Security Small Business

Sign Up For Our Newsletter!

Blog Categories

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Technology Tip of the Week Best Practices Data Business Computing Business Productivity Software Innovation Cloud Hackers Efficiency Hardware Network Security User Tips Internet IT Services Malware IT Support Workplace Tips Privacy Email Computer Phishing Google Workplace Strategy Hosted Solutions Collaboration Small Business Users Backup Managed Service Ransomware Mobile Device Productivity Microsoft Quick Tips Passwords Saving Money AI Communication Cybersecurity Data Backup Smartphone Disaster Recovery Data Recovery Android VoIP Upgrade Business Management Smartphones Mobile Devices communications Windows Browser Social Media Microsoft Office Managed IT Services Current Events Network Tech Term Remote Internet of Things Information Facebook Miscellaneous Holiday Automation Artificial Intelligence Gadgets Cloud Computing Covid-19 Training Compliance Remote Work Server Managed Service Provider Outsourced IT IT Support Encryption Spam Employee/Employer Relationship Office Windows 10 Government Business Continuity Data Management Virtualization Blockchain Wi-Fi Business Technology Bandwidth Windows 10 Data Security Apps Vendor Two-factor Authentication Mobile Office Managed Services WiFi App Employer-Employee Relationship BYOD Tip of the week Chrome Mobile Device Management Budget Voice over Internet Protocol Gmail Apple Networking How To BDR HIPAA Computing Physical Security Applications Information Technology Hacker Access Control Avoiding Downtime Office 365 Marketing Conferencing Password Managed IT Services Big Data Operating System Router Virtual Private Network Risk Management Computers Health 2FA Help Desk Office Tips Analytics Website Augmented Reality Retail Storage Healthcare Bring Your Own Device Cooperation Free Resource The Internet of Things Project Management Windows 7 Going Green Patch Management Social Save Money Microsoft 365 Remote Monitoring Vulnerability End of Support Vendor Management Solutions Cybercrime Customer Service Display Printer Paperless Office Windows 11 Infrastructure Monitoring Excel Document Management Remote Workers Managed IT Service Firewall Telephone Scam Data loss Data Privacy Images 101 Telephone System Multi-Factor Authentication Robot Mobility Cost Management Settings Printing Wireless Content Filtering Customer Relationship Management IT Management VPN Employees YouTube Meetings Integration Cryptocurrency User Tip Modem Hacking Computer Repair Mobile Security Processor Presentation Virtual Desktop Holidays Data storage LiFi Wireless Technology Data Storage Smart Technology Supply Chain Outlook Video Conferencing Machine Learning Managed Services Provider Money Saving Time Virtual Machines Professional Services Word Humor Maintenance Antivirus Sports Downloads Mouse iPhone Licensing Safety Entertainment Administration Vulnerabilities Alert Best Practice Trends Supply Chain Management Managed IT Customer Resource management FinTech Buisness File Sharing Regulations Dark Data Google Calendar Term Google Apps Legal Data Analysis IT solutions Star Wars IT Assessment How To Microsoft Excel IT Maintenance Notifications Staff Value Business Intelligence Business Growth Gamification Flexibility Organization Travel Social Networking Application Legislation Shortcuts Techology Fileless Malware Digital Security Cameras Google Maps Smart Devices Cortana Ransmoware IBM Wearable Technology Memory Vendors Alt Codes Content Remote Working Health IT Downtime Unified Threat Management Motherboard Data Breach Comparison Google Play Be Proactive Unified Threat Management Directions Videos Hosted Solution Assessment Electronic Health Records Permissions Workforce Wasting Time Threats Typing Trend Micro Network Congestion Specifications Security Cameras Workplace Strategies Google Drive User Error Microchip Internet Exlporer Software as a Service Competition Knowledge Fraud Meta Username Managing Costs Amazon Point of Sale eCommerce 5G Black Friday SSID Experience Virtual Assistant Outsource IT Google Docs Unified Communications Database Surveillance Bitcoin Network Management Running Cable Tech Support IT Technicians Virtual Machine Environment User Media Google Wallet Proxy Server Reviews Cookies Monitors Cyber Monday Medical IT Hotspot Transportation Small Businesses Tactics Development Windows 8 IP Address Laptop Websites Mirgation Hypervisor Displays Drones Shopping Nanotechnology Optimization PowerPoint Electronic Medical Records Language Employer/Employee Relationships Outsourcing SharePoint Addiction Management PCI DSS Halloween Chatbots Recovery Navigation Lenovo Gig Economy Screen Reader Hard Drives Writing Distributed Denial of Service Workplace Virtual Reality Computing Infrastructure Teamwork Hiring/Firing Service Level Agreement Internet Service Provider Domains Hacks Server Management Regulations Compliance Scary Stories Private Cloud Identity Evernote Paperless Superfish Bookmark Identity Theft Smart Tech Memes Refrigeration Fun Co-managed IT Twitter Alerts SQL Server Technology Care Deep Learning Download Net Neutrality Public Speaking Financial Data Lithium-ion battery Error History Business Communications Browsers Smartwatch Education Connectivity IT Social Engineering Break Fix Scams Entrepreneur Remote Computing Azure Hybrid Work Upload Procurement Mobile Computing Social Network Telework Cyber security Multi-Factor Security Tech Human Resources CES Tablet IoT Communitications Undo Search Dark Web Cables

Blog Archive

2026
2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
2015