Your business has been hacked, but it doesn’t need to be the end of the world! By taking the right steps following a breach, you can control the situation and your reputation with employees and customers, all while restoring your information and adding additional protection.
This article is brought to you by AVG Technologies, the provider of Internet and mobile security, privacy and optimization to 150 million active users. There’s nothing small about small business in our eyes. Get more information how AVG can help your small business stay protected – go to http://www.avg.com/us-en/internet-security-business .
You’ve Been Hacked: 6 Steps To Handling The Situation and Protecting Your Business
Businesses face breaches around the world every day. If you’re reading this, you’ve either been faced with a serious hacking incident at some point or are curious of what to do in such an event. As many as 90 percent of businesses have been hacked in their lifetimes. And we’re not talking about defacing a website. The survey the report refers to only takes network and database breaches into account. These are the most serious, since hackers can steal customer data and everything you hold precious.
59 percent of the companies participating in the survey have suffered breaches more than once and 41 percent have suffered half a million dollars in damages or more. These kinds of incidents don’t just cost money. They also cause employees and customers to lose trust in you.
So, you got hacked. What do you do? There’s no easy way to deal with a security breach, but you can start telling yourself it’s not the end of the world after you do these things:
Identify Breach. Find out exactly what kind of breach occurred. Check your bank accounts, “Sent” folders in email accounts, database logs, and any other relevant data stores where you might have been compromised. Search for clues that show where the hacker has been. Once you have that information, you’ll know where the hacker has been and where the holes in your security are.
Get IT professionals in on the case. Cooperate with them only as much as necessary, giving them the access they need to perform a full analysis. They’ll be able to tell you how the hacker got in and perhaps even let you know what you could do to prevent this from happening again.
Notify Authorities. Notify authorities, especially if there are signs of a “calling card” left behind. Some hackers like to take credit for their work and leave behind an alias or something unique. Give authorities all the information they need to assist with catching the crook.
Tell Employees and Customers. Make a statement to all employees and customers, even those who you might think were unaffected by the catastrophe. You really have no way to know who might have fallen victim to the attack collaterally. The best thing to do is be straightforward and honest to them so that they may also take measures to protect themselves. This might damage your company’s reputation a bit, but you’ll suffer even more if you don’t come out with the truth about this incident.
Only Share What You Have To. Tell customers only what they need to know. There is such a thing as giving away too much information. Tell them you were compromised, but don’t reveal too many details about it. Give them only enough information so they get the general idea. You must let them know exactly what kind of information was stolen. For example, if the hacker got access to customer passwords, let them know of the fact and advise them to change their passwords on other accounts. Be courteous and reset their passwords on your database as well.
Take Measures To Avoid Future Breaches. Work with everyone involved and give them the reassurance that you are taking measures to prevent the situation from repeating itself in the future. For many people, this is sufficient. Unfortunately, you will lose some respect from customers, but it’s part of life. You must move on with determination.
Breaches can be frightening, and nobody really is ever completely prepared to face one. With these pieces of advice, you’ll pull the reigns hard enough to steer your company in a more desirable direction. It really isn’t the end of the world.