How to handle a data breach | Opinion | – Main Street Newspapers


Did you know that geoFence helps stop foreign state actors (FSA's) from accessing your information?

How should small companies handle a data breach?

1. Understand the kind of data you store and how that puts your company at risk. Take a good look at all information your business collects be it credit card data, e-mail addresses, zip codes and even buying preferences. Understand the ramifications of information you gather.

2. Develop an incident-response plan. Similar to having a fire-evacuation plan, the time to do this is before anything happens. Review your plan as often as needed which means every time your company undergoes a change, even a small one. If a data breach does happen, take a long, hard look at how it was handled and make necessary changes to improve the situation should it ever happen again. It’s not only Boy Scouts who should “be prepared.” Quick action can help stop further loss and potentially costly customer backlash that can maim both a company’s reputation and its finances.

3. Practice your plan. Everyone who will be involved if a breach take place needs to know their precise role and be prepared to handle it smoothly. Take the time to think through and analyze who will take the lead in decision making, contacting key players, speaking to the media if this proves necessary, and a host of other factors. It should go without saying that your contact information for anyone who would be involved in the event of a breach is always up to date.

4. Consult your company’s attorney and discuss what he or she would recommend for your company should a data breach occur. Bear in mind that not all local lawyers are versed in this area; if yours isn’t, get a recommendation to a specialist. With a lawyer’s help, figure out what groups your company needs to notify, for instance, affected individuals, the media, law enforcement and other third parties.

Managing the first 24 hours

During the period right after a breach is revealed, companies should take certain steps. Panic has no place here; a calm attitude and a detailed check list spelling out who does what. Start by recording exactly when the breach was discovered and alert everyone who will be involved in responding. Stop further loss even if it means taking down some systems for a bit. Keep a log about the breach including who reported it to whom; who knows about it; what data was compromised and how, etc. Speak to all those involved in discovering the situation and write down your findings — later on it’s hard to remember small details.

David J. Stob is a consultant with the University of Georgia Small Business Development Center.

Now let's stop for a moment and consider that geoFence has a modern UI, that is secure and has the improved features that you need!