TAG Solutions Blog

What to do if your network is breached

April 20, 2022 at 2:21 PM / by Danielle Smyth

A network disaster recovery plan is as crucial as a network backup plan. When your company’s security is compromised, you must respond quickly first and recover your information second.

Without a backup plan, essential data can be lost forever. Worse still, not having a recovery plan means you won’t know how to stop the bleeding and suture the wound. If something or someone breaches your network, you must go right into disaster mode; it is the only way to respond to such a situation. Fortunately, TAG Solutions, your Albany managed service provider, can help.

IBM’s Cost of a Data Breach Report 2021 found that the average cost of a data breach has increased from $3.86 to $4.24 million, and the most common route inside a company’s network was compromised credentials. Companies that used more remote work platforms and employees had more reported breaches, and this is not surprising.Cybersecurity and IT Trends

PREPARATION FOR AND PREVENTION OF A NETWORK BREACH

On the bright side, there are strategies that can prepare you for a breach and others that can help to prevent one in the first place. For instance, fully deployed artificial intelligence (AI) is a powerful tool in your arsenal. AI can help your business safeguard IT and Internet of Things (IoT) security, as well as the security of associated business assets. Ultimately, this can mean less cost to your business when a breach occurs.

When considering a SaaS provider or any other vendor, ask about their SOC 2 compliance status. SOC 2 is an auditing procedure that ensures your service providers securely manage your data. This will both protect the interests of your organization and the privacy of your clients. It’s important to be security conscious, and SOC 2 compliance should be a minimal requirement when considering a SaaS provider or other vendor.

If you aren’t sure whether your internal data or the data management practices of your vendors are SOC 2 compliant, TAG Solutions can help. If you’re concerned about your internal data, we can even provide a free network assessment to see where you stand or help you set up network penetration testing.

Prepare for a Cyber Attack

 

Zero trust approaches are another important method for preventing a data breach in the first place. Essentially, zero trust approaches treat every network user, device, application, workload, and data flow as untrusted and a potential threat. As your Albany managed service provider, we can help you set up user and device identification practices, create access controls and micro segmentation, deploy continuous network monitoring, and design remote access protocols.

Learn about the true cost of network downtime.

MAPPING OUT THE STEPS WITH YOUR MANAGED SERVICE PROVIDER

Techopedia explains that you should specifically design a network breach disaster recovery plan for both your organization’s internal and external network infrastructure. The recovery plan comprises a set of policies and procedures to return the network to its normal working operations after it is disrupted by a disastrous event or goes offline. For more on what a sample disaster recovery plan might be like, take a look at this example from Kyndryl.

A comprehensive plan will cover network-based applications and services, servers, computer systems, wireless networks, local area networks (LAN) and wide-area networks (WAN).

You can place the final plan in a “runbook,” which is a guide that explains every part of the recovery process in detail. Once the runbook is prepared, it will be ready for you when disaster strikes. Members of the company should regularly practice the steps within the runbook. The main categories in this plan include:

  • What each team member’s responsibilities are during the recovery process
  • Contingency plans in case the network remains offline for a prolonged period of time
  • Strategies for network recovery

CUSTOMIZED DISASTER RECOVERY PLANS

Every business should have a disaster recovery plan, and the specifics will vary based on a wide variety of factors. To get started, Ready.gov recommends compiling an inventory of all the hardware, data, and software applications you have or use. From there, you can proceed with ensuring that you have securely backed up all the vital information.

Critical software applications, data, and the hardware needed to run your processes should be identified, with extra copies of program software available in case a reinstallation is needed if the programs were installed via disk.

Of course, most programs today are used in the cloud or available for use as a download. In this case, be sure to keep the passwords and logins for these accounts readily available in a location off the network so you can regain access quickly. Once you are able to regain network access, you’ll want to check the credit cards and bank accounts associated with these accounts for any fraudulent charges, as the payment information could have been obtained by a criminal during the breach. You should also immediately change all passwords.

Data and files must be constantly updated and backed up. Your managed service provider can help you to schedule these procedures. Furthermore, it is not good enough to have your data backed up—you’ll need to test the data periodically for its integrity. You can automate many of these functions. Not sure how to proceed? Check with your managed service provider for help.

Services like Datto, an American cybersecurity and data backup company, can also be of use. Datto protects and restores servers, offers safe file sync services, provides all-in-one cloud-based backup and disaster recovery, and helps small businesses to quickly restore their services.

RESPONDING TO A NETWORK BREACH

The Federal Trade Commission shares some helpful guidelines for responding to a network breach, and you can work these into your customized recovery plan runbook. Moving quickly to secure the physical areas related to the breach is paramount; lock doors, change access codes and reach out to your breach response team to prevent more data loss. You need to take all affected equipment offline immediately and be sure to update all authorized user’s credentials and passwords.

It is also essential to check all your websites and social media platforms to see if there was any personal information on there during the breach. There may be exposed data on other websites, too. Also, alert all your vendors and anyone else you regularly do business with. It is wise to contact the company’s legal team early on and interview the people who initially discovered the breach. Document everything you do but do not destroy evidence; you may need this during the investigation and recovery processes. You should also immediately reach out to your insurance company and inform them of the breach.

Still need help? Contact TAG Solutions today. Our multi-layered approach to your business’s technology infrastructure is proactive and can prevent the worst, should disaster strike. You need a managed service provider now, not after you’ve spent millions of dollars in unproductive time following a massive network failure.

Want a free network assessment to see where you stand? We can do that, too. Sign up here to get a better sense for what you need to do to protect your company.

Danielle Smyth

Written by Danielle Smyth