What to do after a Data Breach
It’s not something most MSPs think about, but it should be. Data breaches are an unfortunate reality of our life, and it is not a question of when not if it will happen next.
For MSPs, the question is whether it will be a breach of the MSP’s network or a customer. While it is easy to defend against cyber attacks, should an attacker get through the defenses the next steps you take can mean the difference between being a hero or being the cause of the problem.
There are far too many variables to cover in this article, but there are some best practices every MSP should be prepared to implement.
Data Breach Response Plan
The first step is to have a plan. Just like you have a plan for business continuity (hopefully) you should also have a plan in the event of a data breach. A data breach plan should consider both breaches internal to the MSP network and the customer network. It really won’t matter much after the breach happens, but having a plan to put into action is very important and will eliminate a lot of missteps during a crisis.
It’s what MSPs do for customers, so it shouldn’t be that hard to point that monitoring technology to the inside. Cybercriminals are targeting MSPs. This is a new reality we all have to face. MSPs need to be watching their perimeter as diligently as they watch their customers. Effective network monitoring will help prevent a data breach from happening, but should it occur, knowing about the breach is the next best thing.
Part of your data breach plan will be a communication strategy. Once the breach has occurred, you’re going to have to tell someone. This could be a lawyer (that’s probably your best and first call to make), your internal team, and possibly a customer (if it was an isolated attack).
A breach notification strategy is essential, not only because it is the right thing to do, but because it is required in most developed countries. All 50 states in the United States have data breach laws; the same is true with the European Union. The point is, much of the world now has a data breach notification law, so MSPs had better get used to the fact that this type of external communication is part of being in the managed services profession.
These are just the basics. There are more involved steps your MSP practice will need to take when a data breach happens. Being prepared is half the battle. Having a documented plan you can follow to simplify the process while all mayhem is breaking loose is essential for fulfilling your obligations and keeping your customers (and employees) calm.
MSPWorld will be holding a session on this topic. Register today to attend.