7 Components of a Business Data Breach Defense Plan

Data Breach Defense Plan

Most businesses have confidential information stored, such as client or employee addresses, phone numbers, social security numbers, dates of birth or credit card information. A data breach could result in theft of client or employee confidential information. Individuals, known as hackers, may try to gain unauthorized access to private business or client data. The unauthorized intrusion could result in the viewing or stealing of confidential data. It is important that businesses have a data breach defense plan ready to take quick action.

Components Included In A Business Data Breach Defense Plan

  1. Appoint a Breach Response Team: One person from each department should be assigned to the response team. Be sure to include management leaders, security personnel, human resources, IT staff, customer service and public relations representatives on the breach response team. The breach response team leader should be in charge of coordinating the company’s response efforts. List names and contact information for each person appointed to the breach response team in the defense plan.
  2. Include Vital Tasks: All tasks vital to investigating the breach, steps to assess breach and public relations steps should be documented in the defense plan. The defense plan should be updated frequently.
  3. Journal for Documentation: A journal should be designated to document the date and time the breach is detected. Other details of the investigation may be noted in the journal as well. The journal is an important component of the data breach defense plan.
  4. Establish Relationship with External Sources: The breach response team should develop a relationship with law enforcement officials in advance of a breach. A relationship should also be established with a breach resolution vendor and an identity theft protection service. The names and contact information of law enforcement officials, breach resolution vendor selected and identity theft protection service should be included in the plan.
  5. Train and Update Staff: All staff should be trained on breach protocol. Staff should be aware of breach response team members and informed to call the team leader if an incident occurs. Members of the data breach response team should be assigned to train the staff. The staff should have access to copies of the data breach defense plan.
  6. Public Statement: A public relations response team member should prepare a statement in conjunction with top management leaders, the data breach resolution vendor and a representative from the identity theft protection service. The statement should include details of how clients or employees impacted by the breach will be contacted. The statement should be broadcast on a local news station. A sample public statement should be included in the defense plan.
  7. Notify Persons Affected: Notify persons affected by the data breach. Identity theft protection should be offered to each client or employee impacted by the data breach. The company should be prepared to respond to inquiries concerning the data breach. List details of the identity theft protection offer and sample notification letters in the defense plan.

* Photo courtesy of RT@Forbes Tech Symantec Voice: What Businesses Should Know About the FTC and Data Breaches by Humans Development at Flickr’s Creative Commons

Recommended Posts | Network Management

Analytics 101

Analytics 101: Before Jumping Into the Data Game

Analytical tools for your company's website will become invaluable, but jumping headfirst into big data can be daunting for small business owners. The metrics that flood from analytics will provide a business with a variety of tools and data that will help them expand their online presence ...
History Of Servers

Servers - A Brief Overview and History Lesson

Servers have been around a long time, starting out as room-sized super computers, becoming much more compact for the equivalent level of ability. To start off our discussion of servers, we're going to discuss server history, specifically what a server is and two influential servers ...
Faster WI-Fi Devices

Faster WI-Fi Devices are Causing Network Problems

BYOD wireless devices are putting a strain on enterprises wireless networks. iPhone 6 and other devices are now enabled with 802.11ac WI-Fi standard. The new wireless mobile devices have three times faster speeds than previous generations. However, performance are draining wireless network bandwidth ...
Is Your Company Out Growing, MySQL?

Is Your Company Out Growing, MySQL?

Companies are finding it hard to handle all the data their enterprises generate. IT departments find that data management is complex, quickly evolving, and requires other databases to handle their growing needs. One problem enterprises face today is the evolution of ‘super apps’ ...