What to do in the event of a security breach

Image source: lawtechnologytoday.org

The recent Wannacry virus caused a lot of damage to many companies when it wreaked havoc on the web just last April. While some of us are still reeling from its effects, it would be good to pick up a few lessons from the disaster. Here are the next logical steps to take in the event of a security breach.

This must first be communicated clearly and urgently within the organization. Someone simply has to press the panic button so that people will react promptly.

The next step is to disconnect. The team has to assume that the breach has already corrupted at least one computer. It is also prudent to assume that there is a malicious intent to corrupt other computers located in the same network. The logical solution is to eliminate the network so that there is no connection that runs from one computer to another.

Image source: blog.iinet.net.au

If the problem has in fact infiltrated the company’s system, disconnecting from the network somewhat stops the bleeding and this limits the problem from spreading further to other computers.

Cleaning must be done on all computers individually. At some point, the OS will be releasing the latest updates once the developer has identified the nature of the virus or the malware that has breached the system, and these updates must be installed completely.

It is very hard to tell the extent of damage there is at the onset. But companies can surely put into practice a number of things in their breach protocol to ensure that the problem does not become more complicated.

Since 2008, SiteLock has been a key player in business website security solutions, serving a worldwide customer base of more than 8 million businesses. For the latest web security solutions, please visit their website.