Data leak| season one, week 3| What to do in case of data leak by @nova001 | 10% to steem.skillshare
While data breaches are unfortunate (some would even say inevitable), there are steps an organization can take to minimize the damage to data and systems while maintaining brand reputation and customer trust. The most important step is preparation.
%20(1).jpeg)
Source
Do you have internal incident response resources and a plan in place? If not, contract with a firm that provides this service. We also have the legal side of the issue? Are your lawyers competent enough to guide you through the burden of notifications and retaliatory obligations? When was the last time your team tested a prepared plan during a mock data breach? Are roles and responsibilities clearly defined in order to act in a unified manner?
When a real leak occurs, you won't have time to look for answers to these questions. An effective and timely response requires careful preparation. Although it is impossible to cover all aspects, the main thing is that your response department should work together with lawyers.
In addition, there are three main types of measures that you can take during a data breach.
Notify victims
This step may seem obvious, but in reality is neglected by many. Trust is extremely important in business. At first glance, it may seem that it is better not to disclose information about the incident, but in the long run, honesty wins. Moreover, there can be heavy fines for hiding information about a leak from the public and the state.
%20(2).jpeg)
Update passwords for all accounts
Whether it's employees or users who pay for your services, an important step is to reset passwords on all accounts. This measure has a dual purpose: locking out accounts stolen by an attacker and forcing users to change passwords that could be compromised.
How to prevent data leakage
While there are many steps an organization can take to reduce the risk of data breaches, there are a few simple steps to improve security:
Implement a security policy.
Adhere to the principle of least privilege.
Implement a corporate password policy.
Train employees.
Security Policy Implementation
Implementing a security policy or program that focuses not only on protecting sensitive information, but also on the accounts that provide access to that information, is critical to mitigating risk. Why? Because accounts and data are two common denominators in every leak incident.
Principle of least privilege
the principle of least privilege is important to follow. That is, when all employees and accounts (especially privileged users) have an access level in strict accordance with the functions performed. Once again, especially in the case of privileged users, a Privileged Access Management (PAM) approach should be followed where, if not necessary, the use of such accounts is completely excluded. When all users have access to only the resources they need, the risk of an individual account being compromised is reduced exponentially.
.jpeg)
Corporate password policy
By implementing a company-wide password policy, your organization will be protected from many attacks on authentication mechanisms. This policy includes disabling weak or already compromised passwords, regardless of whether these passwords meet complexity requirements.
If you do not want to use the rules about the periodic change and complexity of the password, then the recommendations are as follows: two-factor authentication, a long password of at least 15 characters and no leaks in the database. If the password is found in such a database, a replacement is required. Otherwise, the password may remain forever.
Staff training
Perhaps the most important measure on this list. Organizations must spend time and other resources training employees
I know i'ld have paid heavily to access information as helpful as this. Thanks for sharing it freely with us here. We would love to see more from you.