Nobody likes to imagine the worst-case scenario, but that doesn’t make preparing for it any less important. From a natural disaster to a data breach, there are many things which can threaten or destroy critical IT infrastructure, taking the core business operations with it.
However, once a disaster has struck, it can be equally difficult to imagine recovery. Here’s how an IT disaster unfolds, and what steps companies that experience them take to successfully return to normal operations.
IT disasters come in many shapes and forms. It’s important to recognize that when drafting a disaster recovery response because the nature of the incident will determine the best response. In general, IT disasters can occur due to:
Since half of all US businesses experienced at least one cyber-attack in 2018, this article will look more closely at the disaster recovery process following a data breach.
There’s no one way to address a data breach, assuming that it’s caught immediately. IBM estimates that it takes 197 days to identify a breach on average, plus another 69 to contain it.
Identify the event and confirm that it is, indeed, a security incident. A strong intrusion detection and access control strategy will make this easier because security personnel will already know what normal activity looks like.
Take steps to rapidly isolate the affected systems or locations to prevent further damage. This may include user accounts, parts of the network, specific computers, or physical areas of a facility.
Remove the root cause of the security breach. That cause may be a virus, malicious software, a hijacked device or even a physical person.
Identify the recovery point, or the last known backup prior to the disaster. From here, establish a timeline for restoration which includes objectives for how quickly the company is to restore normal operations. It’s also good practice to identify the maximum downtime that a business can handle before catastrophic losses occur.
Hopefully, there isn’t a next time, but there could be. Once the incident has been addressed, and business operations return to normal, make sure that the incident is fully analyzed to glean any insights which may be useful for next time.
It’s not easy to bounce back from an IT disaster, whether it resulted from a breach or forces outside the company’s control. However, the odds of survival diminish rapidly, making it crucial to take the right steps to return to normal operations. Doing so helps a company avoid being part of the 60 percent of small and mid-size businesses which fail within six months of a breach.
Companies in the healthcare and financial industries should doublecheck legal notification requirements. Likewise, all companies which experience a data breach should consult with professionals to determine if any legal notification requirements exist.
Notification requirements improve transparency. Take responsibility and follow them. Not doing so will destroy customer trust further.
Criminals are clever and sometimes outsmart experts, but professionals learn. Take aggressive steps to learn what happened, and how to make sure that it doesn’t happen again.
Get professional help at the earliest chance to assist with damage control and long-term recovery. Managed IT services can provide critical insight built on deep experience to help companies make the right decisions the first time.
Data breaches happen for a variety of reasons. Many of those reasons can be avoided by following a few basic data hygiene tips:
· Shred or destroy unnecessary information so that it can’t fall into the wrong hands.
· Safeguard passwords: don’t make easy or obvious ones, don’t write them down in plain sight, and don’t share them.
· Lock computers or devices when not in use. Lock doors and buildings when empty.
· Update security policies to align with industry best practices.
· Educate employees on privacy and security for sensitive data.
· Protect networks, servers, and other modes of data transmission.
· Implement security features on printers and other office equipment with hard drives.
Verizon estimates that 87 percent of all breaches take only a few minutes, but less than three percent are caught in that same window. That makes the average window of 197 days to identification utterly terrifying.
Don’t be part of that average. Managed network services can greatly reduce the risk of a data breach and increase the likelihood it’s caught immediately. Contact DSI today to make prevention, discovery, and recovery immediate.