Measures to be taken if your business experiences data breaches or security

Data hacking is becoming more and more common as hackers become more sophisticated. Your business may be hacked through a vendor or organization. For example, according to the Washington Political Center, data from 650,000 former and current business owners were uncovered in January when data from the Washington State Licensing Department were hacked. You may also face the fact that hackers take personal information from your server or succeed in attempts at phishing or fraud.

“It’s not about when, it’s about when it will happen,” said Angela Anderson. Coastal Public Bank SVP, Information Security Officer. Anderson oversees the Information Security and Fraud Investigation Team at the Bank and oversees more and more fraud attempts against customers and the Bank.

“We see and hear about more fraud and security breaches for small businesses than for large businesses, mainly because they do not have the same level of resources to invest in systems and policies to protect them,” she said. “However, regardless of your willingness, every person and business is at risk of hacking through their personal or business accounts or through suppliers or organizations with which they do business that are equally at risk of hacking and hacking.” She warns: “It won’t stop. It will get worse as hackers develop new skills and tactics. ”

Anderson has advised businesses in the region after they experience data breaches or security, and advises businesses to take some important steps after they learn of the incident. Although each violation is different, she said these steps can help your business after the autopsy.

Secure your operations: To prevent many violations, protect physical sources and data sources related to the violation. Change access codes, credentials and passwords and stop additional data loss by disabling all affected equipment offline so you can estimate the extent and source of the hack.

Investigate the violation: Find out how it happened and what information was obtained or stolen.

Fix vulnerabilities: Review the access rights of service providers and providers and check the access rights. Check your network. Is it segmented so that hacking on one server cannot be propagated to another server or site? If your business outsources your storage and network, talk to your provider.

chat: Assess who needs to be notified or notified of the incident and who is affected, such as employees, customers, investors, suppliers, business partners, other stakeholders, your legal team, and law enforcement. When planning a communication, include key details that can help those at risk to protect themselves and their information. Avoid public exchange of information that could endanger the affected parties. Keep the communication lines open. Be transparent with your employees and customers about what happened and what you are doing to fix the problem.

Plan for the following: Once data hacking occurs, protect your business from the following. Train employees on what to look for, browse all systems, set up alerts, change passwords regularly, set up 2-factor authentication, and monitor financial accounts.

“Once you’ve experienced hacking or your business is facing security risks, set up systems to protect your business from future attacks or hacks because your business will always be the target,” Anderson said. She advises businesses to refer to Federal Trade Commission website for resources and guidance to help respond to and protect your business and customers from attacks.

Angela Anderson is an Information Security Officer at Coastal Community Bank. For more information, please contact a banker at one of the 14 local Coastal offices. FDIC member. Equal housing lender.

Source link