6 Steps for Data Breach Recovery and Prevention

Data breaches can occur in a number of ways (such as through hacking, phishing or physical theft) and it’s unsettling to think about what could happen to stolen data if it falls into the wrong hands.


29 October 2013

6 Steps for Data Breach Recovery and Prevention

Data breaches can occur in a number of ways (such as through hacking, phishing or physical theft) and it’s unsettling to think about what could happen to stolen data if it falls into the wrong hands.

What should you do if your business experiences a data breach? What proactive measures should you take to minimize your risk of attack?

You may not know the answers to these questions, but fear not, companies can protect themselves against threats.

Let’s start with question one. If your company experiences a data breach – how should you proceed?

What steps should my business take if it faces a data breach?

  1. Inform company personnel: First, you need to inform select staff in your company about the breach. This may include personnel who will be responsible for taking action or response – most likely security, IT, finance and HR.
  2. Collect evidence: Then you need to gather and preserve any evidence related to the breach which can be used as support in an internal or criminal investigation.
  3. Contact external parties: Next you’ll want to consider which outside entities need to be aware of the attack (especially if the breach is a potential crime). These parties could include law-enforcement, legal advisors or your PR/crisis management team.
  4. Investigate: Once law enforcement becomes involved in the breach, you’ll want to carefully conduct your investigation to determine what information and which servers have been compromised.
  5. Address regulatory concerns: If your data center encounters a breach, your company may face compliance issues. You’ll need to address what these issues are, inform your legal team and then contact the applicable regulatory agencies.
  6. Notify those affected: This can be the most difficult part, but it’s imperative that you inform all parties affected by the security breach, especially if the information is highly-sensitive.

Now that you know how to handle a data breach, you should take steps internally to protect your organization from a future attack. Which leads us to the next question:

What proactive measures should my company take to minimize the risk of a breach?

  1. Create a data breach notification policy: Creating a data breach notification policy will let customers know what steps you’ll take if an attack occurs, while also ensuring that your company will follow the right procedures.
  2. Train IT employees: Employees responsible for securing your network should be trained on how hackers operate, how to spot a data breach and how to recognize phishing schemes.
  3. Establish company policies: To minimize the risk of an attack, all employees should have a clear understanding of what tools, devices and networks are allowed to be used and when. You should also educate your organization on the security and regulatory risks associated with using tools outside of company policies.
  4. Implement an enterprise-grade collaboration solution: To enable your organization to collaborate freely and securely, consider a file sharing solution that builds on your existing solutions, puts the end user first and does not compromise on security and control.
  5. Hire a security guru: Attacks are only becoming more complex and multifaceted. Your business should put someone in charge of security who can protect your company’s information.
  6. Maintain regulatory requirements: To ensure your business practices are compliant, it’s important for you to work with your security and legal team to understand the regulatory environment.

Continue to Prepare, Protect and Secure
The best way to avoid a data breach in your enterprise is to continuously prepare, protect and secure your organization and its information.

Taking these preventative steps to guard against threats will put you on the right track to securing your enterprise.

You can also check out our Sharing and Collaboration in Today's Workforce webcast to learn how to maintain control of data in your enterprise.



Meagan Parrish

Meagan Parrish

Meagan Parrish is the Senior Manager of Social Media at Intralinks. She is responsible for social media strategy development and the communications for Intralinks' online communities. Meagan has been creating social media strategies for a variety of companies across verticals for the past several years. She holds Bachelor degrees in Marketing and Finance, with a minor in English Literature.