Close this search box.

What to Do After a Data Breach

Data breaches occur in every type of industry – healthcare, retail, financial services, communications, and any business you can think of. Proper planning to avoid data breaches is always the first priority. The best way to respond to a breach is to make sure it doesn’t occur in the first place. Still, breaches do and will occur. Businesses should have a separate plan in place to properly handle the legal, business, and technical decisions that need to be addressed immediately after a breach happens.

Key methods to deal with a security breach

The essential components of any data breach plan include:

  •       Execute the Disaster Recovery Plan. Every company should have a disaster recovery plan in place before a breach occurs. The plan should address the full range of hardware, software, and data issues. Cloud servers are a key component of any disaster recovery plan. Computer logs should be reviewed to examine firewall breaches and other computer activity to help compare how the system was operating before and after the breach.
  •       Evaluate the Business Impact of the Breach. Businesses need to determine the types of economic losses the breach caused and place a dollar value on each type of loss. Insurance companies won’t pay unless the losses can be verified and accounted for. Good valuation requires that the company take an inventory of its assets on a regular basis and that it work with its accounting office to be able to verify damages, such as loss of income, in case some assets are not able to be recovered.
  •       Review Damage to Intellectual Property and Company Trade Secrets. There needs to be a review to see if the valuable business assets were stolen or damaged so that proper business decision can be made such as whether to prosecute wrongdoers, if possible, and how to defend against use of the property by the entities that stole it.
  •       Review Damage to Customer Data. Decisions will have to be made about whether all backed-up data should be restored or if the current data that was damaged should be repaired. Backed-up data always means the business will lose its most recent entries.
  •       Determine Why and How the Breach Occurred. It must be determined whether the breach was internal or external to the company. Once the motive for the breach is determined, and the necessary steps have been taken to minimize economic damage, a review needs to be taken as to what steps can be taken to prevent future breaches. Where were the gaps in your existing security measures? Steps include reviewing your disaster recovery plan with third-party advisory services for data breaches, such as data centers. An internal review by your IT department of the information system infrastructure should also be conducted.
  •       Cooperate with Local Law Enforcement. If the breach is due to suspected criminal conduct, the company needs to be ready to review the incident with local law enforcement. There are also federal and international agencies, such as Homeland Security, that may get involved in the investigation. Cooperation can help stop any misuse of your data and prevent future attacks.
  •       Understand the Legal Liability Issues. The legal department needs to be informed of the breach for several reasons:

o   To help in the investigation

o   To make sure regulatory compliance issues and notice requirements are met

o   To prepare for customer complaints, especially if the data is misused.

Most important next steps you should take

Every data manager or IT manager has a different idea of what the one crucial next step is after a data breach. One of the most important steps is communication. Everyone in the company that needs to have notice of the breach should be notified. Clients should be notified, and a press release should be prepared. The notices should indicate, to the extent the company knows:

  •       Why the breach occurred
  •       What steps are being taken to mitigate the breach
  •       What steps are being taken to prevent future breaches.

The purpose of these notices is twofold—to apologize, and to inform. Everyone should be educated as to what steps are being and can be taken to minimize future breaches.  The company should conform to legal notice requirements for computer breaches.

Be prepared to act the moment a data breach occurs

The time to be ready for a data breach is not when the breach occurs. It is months, or even years beforehand. Companies should review and update breach recovery guides with their internal IT department and with any third party advisory services for a data breaches. Data centers can be a valuable resource because they know many of the legal, practical, and technical issues – and have developed their own breach security guidelines. To prepare for a potential breach now, call Volico at 888-865-4261 and get help from our professionals.

Ready to See How Volico Data Center Can Help You?
Got questions? Want to talk specifics? That’s what we’re here for.
Have one of our friendly experts contact you to begin the conversation. Discover how Volico can help you with your Data Backups needs.
•  Call: 888 865 4261
•  Chat with a member of our team to discuss which solution best fits your needs.

Share this blog

About cookies on

Volico Data Centers use cookies to collect and analyse information on site performance and usage. This site uses essential cookies which are required for functionality.  More detail is available in our privacy policy. Learn more

Skip to content