You KNOW you could have / should have done more to protect your business data… but now it’s too late and your computers have been compromised.
What should you do in the event of a data security breach?
1. CALL IT DATA SECURITY PROFESSIONALS ASAP!
Just like a fire or medical emergency, time is of the essence. The attack may still be underway or causing further damage.
- In the case of a virus or malware, the more people who open the email, the more computers will be infected.
- Hackers can continue downloading files as long as they have open access. Less than 48 hours after a breach, the attacker will have control of a network – you need to act fast.
- If the threat is coming from inside the building (an employee or contractor who either inadvertently or with ill intent caused the breach), you’ll want your IT team to be able to clearly see the source of the issue.
You don’t want a junior IT guy giving it his best shot. If you don’t have an experienced IT partner, NOW is the time to find one! (Note, however, that just like calling 911 to summon a helicopter to medically evacuate you off a cliff and into to an emergency room, finding an IT partner during a data security crisis is likely to be both difficult and expensive.)
The risk here is that if you have under-trained IT personnel panicking and changing settings, it may be difficult for your IT team to understand what really happened and diagnose the root cause of the issue. Don’t make the problem any worse than it is. Call in IT Professionals.
2. Assess and contain the damage.
Your IT professionals and senior leadership team need to set aside blame (at least for now) and be in tight communication about what happened and how to proceed in fixing the data security breach.
Hopefully you have a disaster recovery or business continuity plan in place, along with documentation of your passwords and backup of all your systems.
Your damage control team needs to decide:
- Is the breach contained?
- How severe is the damage?
- What steps do we need to take now?
- Who needs to know? If sensitive data was exposed, you’re likely legally required to notify those who are potentially impacted and/or government agencies.
- How can we prevent this from happening in the future?
3. Take data restoration steps.
Every situation is unique. Some actions need to be taken immediately, while others may happen over the coming days, weeks and months. Depending on what happened, restoration from a data security breach could mean:
- Restoring files from backup
- Changing all passwords
- Taking a system offline until security updates can be applied
- Paying the ransom on the ransomware (which is a terrible idea, for so many reasons!)
First to employees and then to anyone affected outside your organization, you need to clearly communicate:
- What happened
- How you’re fixing the issue
- Any steps those impacted need to do to protect themselves
5. Get committed to data security.
Small businesses are not immune from cybersecurity attacks. With fewer resources to fight and recover from a breach, it’s even more important for you to Integrate security into your platform. One component of our data security offerings is to use Microsoft 365 for:
- Identity & access management
- Threat protection
- Information protection
- Security management
- Device and application management
We also believe strongly in user data security training.
Many employees share passwords, not considering the data security ramifications. In over 63% of data breaches, attackers gain access through weak, default, or stolen user credentials. Your technology and people need to work together to keep your business protected from malicious cybersecurity attacks.
Beyond user training, there are a few other ways you can safeguard your business:
- Multi-factor authentication
- Leaked credential reporting and monitoring
- Computer firewalls
- Routine backup and recovery procedures
- Regularly applying security updates
Microsoft 365 for Data Breach Recovery
One of the solutions we use in our data security practice is Microsoft 365, which has all the perks of Office 365, plus advanced security and device management tools. Microsoft 365 helps us both with remote network monitoring, but also for data breach recovery.
Here’s some of what Microsoft 365 can do after you’ve been breached:
- Automatically investigate and mend endpoint threats
- Recommend what to investigate and remediate
- Investigate company-wide emails to remediate threats
- Visualize a hacker’s lateral movement
- Recover OneDrive files
- Remove ransomware
Call Us for Data Breach Prevention
We don’t want to be your 911 IT emergency call. We want to be your day-to-day IT partner who keep your IT systems health and your systems secure with IT services like:
- Continually monitoring network traffic for anomalies
- Maintaining backups and testing restore procedures
- Having a “red book” of system admin credentials and vendor contact information
- Enforcing IT policies and procedures
- Keeping hardware and software up-to-date
Don’t wait until it’s too late – give us a call today – 1.586.263.1775.
Data Breach FAQ’s
What is the most common cause of data loss?
The most common cause of data loss is hardware failure – make sure you’re always backing up your hardware! Other causes include; human error, software corruption, theft, and viruses.
What happens when there is a data breach?
A data breach puts ALL of your personal and financial records at risk. This makes you vulnerable to identity theft, compromise of customer data, compromise of employee data, loss or risk or intellectual process, and virus attacks.
How to protect yourself after a data breach?
Take data restoration steps:
1. Restore files from backup.
2. Change all passwords.
3. Take systems offline (if needed) until security updates can be added.
4. Integrate security into your platform.
How serious is a data breach?
A breach in your hardware will always be serious. It can lead to destruction, alteration, loss, or access to all personal data. Assessing the problem ASAP will lessen the blow.
Custom Software Development – Post Implementation Tips
Custom software applications help businesses get the exact functionality they need. When you’re the only business that does what you do, custom software is a way to add speed and enforce structure, while retaining your unique business processes.
Software Development Tools
Over the last 20 years, our software development team has developed, modified and maintained tons of custom applications. In our early years, we used Microsoft Access for many of the applications we developed. In fact, we still do quite a bit of Access maintenance work. However, for new software projects, we’ve primarily switched to using rapid software development tools like Django and Python with PostgreSQL or Microsoft SQL Server.
If you’re the business owner or department head, you probably don’t care that much about the software development tools themselves. Your focus (rightly so) is on getting the right solution that fits your needs and is easy to maintain.
What often gets overlooked is the plan for routine custom software maintenance.
Maintaining Custom Software
Like ALL software, custom software needs to be regularly updated and maintained. Unlike off-the-shelf software, the maintenance schedule is primarily driven by you. Certain events may trigger an update:
- Release of new operating system environments (like Windows 10)
- Loss of a key software developer
- Upgrade of a connected software application
- Change in business processes and procedures
But some clients like to play the “How long can we hold out from upgrading?” game.
Is this you?
- You have an older computer or server entirely dedicated to running this one application.
- There’s only one person who is allowed to touch the programming code for fear the entire system will crash.
- Your business can’t upgrade its systems or business processes because you don’t know how it will impact your custom software.
Outdated Custom Software Creates Risk
You may think you’re stretching your IT budget, but that’s not always true. Delaying custom software updates can add unnecessary risk and cost.
- Clients who maintain their software regularly typically don’t have to start from scratch every few years.
- As technology advances – and your custom software doesn’t – your company may be missing out on features that increase efficiency, security and profitability.
- You may be “forced” to upgrade or replace your software at a time that’s inconvenient.
- You risk having no one left who is willing or able to support your application.
Make Updates Part of Your Custom Software Development Plan
If you decide to build custom software, budget a certain amount of money to keep your software up-to-date and backed up. You may not know which operating system or database updates will require a patch to your software, but you can expect to do some software maintenance on a regular basis.
Backup and Recovery for Custom Software
Companies that use custom software need to have backup and recovery processes for both the production system and the software source code. The production system, which is the executable version of the software in use in your office, should be backed up regularly with the rest of your company files and databases.
You should also consider how and where the source code is backed up. Without the source code, you won’t be able to make changes to the software program itself. You and your software development company should discuss how many versions of the source code to keep, and the frequency and location of the source code backups. You should be able to access this code in the event something happens to your software development team.
Finally, insist on keeping a change log of updates to the software. If you ever need to bring in a different software development team, this documentation can help them get up to speed quickly.
The custom software development team here at Eclipse Consulting has built mobile apps, custom apps, integrations, and customizations using a wide variety of software development tools. We can help you build from scratch or update the solution you have in place today. See the questions you need to evaluate small business IT consulting services.
Give us a call at 586.263.1775 or click below to see how we can help.
How can you protect your company from a data breach?
Recent Data Breaches
Seems like every time you turn around, you’re hit with news of another major data breach. Just in the last few months:
- 150 Million My FitnessPal accounts were hacked
- Panera’s website had a security vulnerability that revealed the names, addresses, and birthdates of its loyalty card members
- Sears and Delta Airlines exposed thousands of users’ credit card data
- Even brands like Saks Fifth Avenue and Lord & Taylor have experienced data breaches lately
We’ve also seen the rise of the threat of ransomware. Ransomware is malware that encrypts your files, making them unusable. You may see an image like the one below
In a ransomware attack, the perpetrators promise to unlock your files if you pay the ransom. If you don’t have a reliable, recent backup, you may have no choice but to pay the ransom because everything in your system is unusable – including email, Word docs and databases.
The City of Atlanta recently experienced a ransomware attack where the than attacker demanded a $50,000 ransom. So far it’s cost the city $2.7 Million Dollars and major headaches to restore their system and tighten up their data security settings. Employees have resorted to paper-based applications and manual processes to keep operations running.
You may be thinking…
If these major companies can’t protect themselves from data breaches, how can small businesses expect to?
If you’re a small business, you have a few advantages over major corporations. First, small businesses are less of a target. Hackers go after big businesses because the payoff is big. Additionally, small businesses typically have more control over their IT environment. You actually have an advantage in protecting your data if you follow a few basic data security steps.
What is a data breach?
A data breach occurs when an unauthorized person gains access to your data. The question is how they were able to access to the data.
The most common data breach causes are:
1. Malware in email.
A user could click on a link in an email that causes malware to be installed on their computer. This malware could then allow the attacker access to the computer, which then replicates itself to computers, servers and may even send emails to all the contacts in your contact list (including clients). This malware can slow down system performance, crash your system or display annoying popup ads. See 13 warning signs that your systems have been infected by malware.
Solution: Hover over any link and inspect where that link is going to. When in doubt, go to the company website and login there. For example, if you get an email from PayPal saying you need to update your password, instead of clicking the link in the email “PayPal” sent you, just go to the PayPal website and see if they’re prompting you for a password reset.
Also, be careful about opening any attachments. Computer viruses can be disguised as .PDFs, .XLS and other familiar formats. Have a reputable anti-virus software program installed on all machines at all times. Keep your anti-virus software up-to-date and regularly scan your computer.
2. Email phishing tricks.
We recently had a user who was tricked into entering their email credentials into a fake web site. The attacker was then able to login into this mail account. They would have had access to any email in her mailbox (financials, emailed passwords, etc.). In this case the attacker used the credentials to send spam from her account, probably trying to infect other systems.
Last year, even a White House officials were tricked into responding to a fake email that purported to be from Jared Kushner, but in reality was sent by an email prankster.
Solution: Adopt Office 365 or G Suite for your business. These solutions come with added security measures that consumer email systems don’t provide. Don’t EVER provide confidential information through email.
3. Insecure websites.
Attackers can also gain access to servers through insecure web sites. Once they have access to the website, they can then access any database on the server and the content in the databases. This could be anything from e-commerce orders to financial or medical information. As an example, Drupal recently released a patch for a major security hole that allowed a virus to execute simply by browsing to a URL. Because WordPress runs about 25% of all websites today, it’s a big target for hackers. The database, themes and plugins are continually being updated with added security measures. If you don’t apply the patches, you leave yourself vulnerable.
Solution: Companies who have had a web site developed, but don’t maintain it are putting themselves at risk. Website data security best practices create rigor around keeping your database, themes and plugins up-to-date. You’ll also want to ‘harden’ your website security settings and have a strong firewall in place.
4. Password sharing / password weaknesses.
The easiest way to gain access to your small business software programs is to give someone your password. You may be sharing your password intentionally. Some companies share one password among employees to save money or for convenience. Other times password sharing may happen unintentionally. We’ve seen passwords written on post-it notes stuck to laptops. Now everyone who passes by while you’re working in the coffee shop can get into your systems.
Solution: Don’t share your password. Give each employee and contractor their own passwords. Have strong employee onboarding and offboarding procedures in place. Use a password software program like LastPass or Dashlane to create more sophisticated, and unique passwords for every site.
What about SaaS Software Solutions?
A question we commonly receive from clients is about online data security and the risks of SaaS (Software as a service) solutions. For example, with QuickBooks Online your financial data now resides on a server managed and maintained by QuickBooks. While that may feel risky, studies show that your data is usually significantly MORE secure when managed by a major online software company than when it resides on your own internal server.
Major software vendors like Microsoft and QuickBooks have invested in building sophisticated, multi-layer security systems. They do all the backups and keep the system up to date. DIY IT Services can be a mistake, costing you more in the long run than you’re saving. If you are considering using a smaller, lesser-known company, you should investigate their data security measures. If you’re not sure what to buy, consult a reputable IT services provider for help in software selection.
What about Cloud Business Application Hosting?
A trend in small business IT strategy is to move your databases and applications from your physical location in your office to a cloud hosting platform like Amazon Web Services (AWS) or Azure. The security measures you need to take are the same, EXCEPT with AWS and Azure, you have the advantage of using their multi-layered security measures, and you’re at less risk for things like fires, flooding, hurricanes and other disasters.
Most data breaches are preventable.
Following these simple steps you can avoid most data security breaches.
1. Train employees to be wary of suspicious emails and websites.
2. Don’t share passwords.
3. Change your passwords frequently and make them hard to guess.
4. Keep your software programs up to date.
5. Keep your website up to date.
6. Routinely use anti-virus software, firewalls and other data security measures.
7. If you don’t have IT staff, hire an outsourced IT services company to keep your IT environment secure.
8. Have backup and recovery procedures in place. If you need to restore your data, you can.
What if you get infected by a computer virus, ransomware or other malware?
The quicker you can respond, the more likely it is that you’ll be able to thwart your attacker. Your employees should know who to go to in the event of a data breach. Seek the help of IT Support for malware removal, and just as importantly, close the security holes that caused the data breach in the first place.
If you need help, give us a call at 586-275-1775!
About Eclipse Consulting
Eclipse Consulting is a Michigan IT Service provider, serving Metro Detroit businesses and offering remote services across the country.
TAKE THE TECHNOLOGY QUIZ
36414 Garfield Road
Clinton Township, MI 48035