The Baran Agency’s Breach Response Playbook
December 2, 2020 at 5:00 AM
The Baran Agency's breach response technique helps mitigate the damage of an attack.

Data breaches are a growing concern for IT professionals because hackers continue to find new ways to infiltrate business networks. When they’re able to get in, they compromise sensitive information and can bring your company’s production to a halt. Even with the most stringent preventative measures in place, a data breach can happen to you, and when it does, you’ll need to know how to handle it to avoid additional problems. By following the Baran Agency’s breach response guidelines, you can mitigate the damage and safely get back to business as usual.

The Baran Agency’s Breach Response Checklist

Diagnose the extent and cause of the damage.

If your company suspects a data breach, the first thing to do is determine what data is at risk. Review the data map showing where all of the company’s information is stored, and compare that to the scope of the breach to better understand the full scale of what was compromised. This will help guide you in how to best respond. Once you know what information has been affected, try to determine how the infiltrators got into the system. Knowing whether it was from phishing, malware, ransomware, or employee error will also affect how to best respond to the breach.

Take action to prevent further data loss.

Once you’ve ascertained the full scope of the attack, the Baran Agency’s breach response recommendation is to secure all physical areas that are potentially related to the problem. Lock up any possible network access points, change employee entry codes, and immediately take the affected equipment offline. However, don’t turn off any of the machines until a forensic expert has inspected the systems. During the investigation and recovery process, monitor all entry and exit points, and replace the affected devices with clean machines.

Test the implemented solution.

It’s difficult to know which servers and devices are still vulnerable to attack, so you need to continually test the short-term security fix to prevent additional access to your data. Check the network connectivity, monitor the data, and ensure there’s no attrition or loss of packet speeds. Continued testing keeps the attacker from using the same method to breach your company again. You should also change and strengthen all online logins, passwords, and security questions and answers to further secure the network.

Alert all affected parties.

While it can be difficult to admit a problem has occurred, it’s always better to get ahead of the news than let employees and clients find out from other sources. Being honest with everyone impacted helps to manage your reputation and maintain a sense of trust. Be open and sincere, and accept responsibility if it was the company’s fault. Maintaining a dialogue is crucial for salvaging those business relationships and preventing future problems.

Educate the workforce on best security practices.

A lack of knowledge is one of the primary causes of data breaches, so provide continuing education to your staff on identifying and avoiding potential threats. Make sure all devices that use the company network have anti-malware installed, and impose limitations on social networking while on connected devices. You can even do regular lunch-and-learns to ensure everyone understands the risks and follows the preventative measures to avoid future attacks.

Learn more about the Baran Agency’s breach response strategies.

Our team has received specialized cybersecurity training from highly qualified ex-military agents and has honed its techniques through government protection services. We provide the highest level of security for mid-sized businesses across the country, and we’ll help you keep your network and data safe from outside threats. Visit us online to schedule a consultation for your company’s security measures and response tactics.