What to Do When There is a Data Breach?

In the recent Ponemon 2018 Cost of a Data Breach Study, sponsored by IBM, stated that the numbers of impacted data theft have had on businesses is staggering. Not all of the data was disheartening though. When it came to reducing costs, it was found that the faster the breach could be identified and contained, the less impact overall.

In situations where a breach of data resulted in less than 1% of client loss, the average cost of the breach was $2.8 million. In situations where a breach of data caused a loss of 4% or more of customers, the cost of the breach rose to an average of $6 million. Your company must have a plan when it comes to data breaches, and partnering with a strong managed IT service provider could be the difference between surviving an event or becoming just another statistic. Here is how you should work with your IT professionals:

Be Proactive, Not Reactive

Before going over what you should do in the event that there is a breach of data, you need to consider first what you’re doing to prevent a breach of data. Depending on the size of your business and the nature of the types of data you retain, you could be handling most of your IT needs in-house, including data protection. This might have been a viable solution 10 years ago, with much of your data maintained onsite on internal servers.

In today's business, more companies opting for cloud data management, you’re better served considering partnering with an IT managed services provider. This will free up valuable resources and manpower to focus on revenue generation while the service provider ensures you will have a response plan in place, as well as protection and expertise on three fronts:

  • Managed IT Services: From providing cloud solutions and data management to protecting your communications systems through monitoring the security of your devices, a service provider can devote constant attention to the health and integrity of your technology infrastructure.

  • Cybersecurity: With your data flowing from your companies devices to the cloud and back constantly, you need to ensure through encryption and other security measures that the data is constantly protected and data integrity monitored.

  • Data Storage and Backup: Depending on your industry and the type of data you retain from clients, there are requirements as to how long that data must be retained. You might also be a company that is constantly referring to historical data and research and you need to access backed-up information at a moment’s notice. A data management solution that scales to your needs and keeps your information safe, intact, and accessible 24/7 is crucial to your success.

Breached? Respond with Intent

What to do in the event of a breach is one of the few topics on which the internet seems to be aligned. Discussions with professionals across the spectrum can be reduced to 3 necessary actions when a breach has been discovered. First and foremost, stop the leak. Whatever allowed the breach to occur, it must be addressed and the data secured to minimize the impact. Next, after consulting with legal counsel regarding the specifics, you must make an effort at transparent communication to the proper parties – affected clients and regulatory agencies – with a detailed and well-structured message that covers: what happened, who was impacted, and the plan to address and prevent in the future. And finally, you put into action your plan for mitigating and managing the impact on those affected and put into place preventative measures.

You Shouldn’t Be In This Alone

Whether you already have a managed service provider, or you’ve had a breach and need to implement safeguards and change throughout your organization, you shouldn’t be managing your IT services without the assistance of professionals.


A managed IT service provider will give you the peace of mind knowing that everything that can be done to protect your client data is being done, as well as provide you with a sense of security knowing if there is a breach, that the service provider will have an incident response plan in place and help guide you through the aftermath with minimum impact on your business. Consult with a professional IT service provider like Ambit IT today before you become another statistic.

Previous
Previous

Is Your Business Email Susceptible to Malware?

Next
Next

SMB & Home Offices at Risk, Missing Firmware or Security Updates the Main Reason