Most businesses are forced to close shop after experiencing a data breach and those that manage to stay open rarely reclaim the success they experienced prior to the breach. You can’t undo a data breach once it has happened to your business, but you can help mitigate the damage of a data breach and save your company’s reputation if you respond correctly.
Early warning signs that your business has been breached include erratic behavior of your computers such as new software suddenly appearing on your hard drive, new features mysteriously added to your web browser toolbar, and antivirus software settings that are changed or turned off without your prior knowledge.
Here are the steps you should take if your business experiences a data breach.
1. Investigate the Breach
You need to investigate whether the warning signs you are experiencing are the result of an actual breach or a software glitch. You can rule out a software glitch by consulting with the software manufacturers of the programs that you are using. If it turns out you’re dealing with a data breach, you will need to identify:
• All the computer systems and applications affected
• The origin of the breach
• The identity of all victims including customers, employees and vendors
2. Contain the Breach
Your top priority for containing a data breach is to shut off all possible avenues the breach could be coming through and stop traffic to those affected areas. This includes:
- Rerouting network traffic
- Obtaining an uninfected backup copy of critical data and restoring it to a new network
- Abandoning the previous infected network
- Changing all passwords
You should also keep track of all the costs and expenses involved in containing the data breach as this will be needed when you file a criminal report and a data breach insurance claim.
3. Notify Those Affected
In the notification phase of a data breach response plan it is important that affected victims learn of the breach from you and not from the media or other sources. Because your company’s reputation and sheer existence is on the line, how well you manage notifications and when you notify possible victims is of critical importance.
The first people that you want to notify are managers and the affected employees. From there you should notify your local law enforcement agency and the FBI. Both agencies have a vested interest in cyber and data security and can guide you on how to contain your data breach and when to notify customers and vendors. If you have data breach insurance, notify your carrier as well. Data breach insurance from The Hartford for example, provides valuable support services to help their small business customers successfully manage data breaches so they can continue to thrive after an incident.
4. Manage Customer and Public Relations
How you break the news of the breach to your customers, vendors and the public can be a strong determining factor of whether your business survives or closes. It’s common to send out an email, but it’s also a very good idea to set up a call center to handle questions that affected individuals may have. In your communications, it’s important to accept responsibility, explain why the breach happened and the steps you are taking to make things right.
It’s also important that you explain how you will prevent this from happening in the future and invite affected individuals to discuss this situation with your company. Lastly, if you’re providing credit monitoring or any other service or special offer, include information on that in your notifications.
5. Learn How to Prevent Data Breaches from Happening in the First Place
The best data breach response plan is one you never need. It’s imperative that you take all necessary steps to protect your business – and customers – from falling victim to a data breach.
This 30-page e-book provides information you can use to help protect your business – and its reputation – from a cyber-attack.
You’ll learn:
- The most common cyber threats small business owners face
- The best practices that you and your employees can follow to prevent a breach from happening
- How to determine if your business is capable of handling a data breach with in-house resources
- Who to turn to if you don’t have the capabilities of handling a cyber-attack on your own
And much more!
A data breach can happen at any time and small businesses are common targets. Knowing your business is vulnerable to cyber-attacks, don’t let another day go by feeling unprepared.
Next Steps: You’re busy. We get it. So why not let us do some work for you? By signing up for the weekly Small Biz Ahead Newsletter, you’ll receive hand-picked articles, How-Tos and videos covering the latest in small biz tools and trends. We’ll do the research while you spend your time where it counts: managing and growing your business.
View Comments (17)
Hey, this is a very informative article about Small Businesses. I learned some steps to do if your business suffers a Data Breach.
We're glad you found the article informative. Thank you for commenting!
Do you offer cyber insurance for small businesses?
Hi Marie, we do! Learn more here: https://www.thehartford.com/cyber-insurance
I need to talk to someone as soon as possible your phones are not working.
Thanks for reaching out, Jodi. Is this sales or service related? We can reach out to you!
I also disagree with the order of response and not the content provided. Before contacting any customers, you need to contact your attorney and your insurance carrier. If you have the proper cyber insurance, the carrier should have a breach response team to help you communicate with the proper authorities and customers.
Hopefully I’ll never have the need to find out, but I have no idea what/how to follow through with your steps to follow. Is there more detailed step by steps to follow for folks like me who have no idea how to know if they’ve been breached and how to investigate or where to find the origin of the attack? Also, since I do not use online quickbooks am I safe from breaches to my quickbooks ? I do not store customer credit card info or any other vital info on my quickbooks so what other kind of info would a breach be looking for? Examples? Any further help so I can be more prepared would be greatly appreciated.
This seems to be a pretty straightforward approach for data breach. In actual situation, things are not as simple as it is highlighted in the blog post. In most cases, organizations don't even realize that they are breached and what measures to take in case of a potential breach.
Thank you for your feedback and insights!
These steps are really helpful, good writeup.
Thank you for the comment!
We are interested in obtaining a cyber policy.
Hi Christy,
You can learn more about the coverage and get a quote right here: https://www.thehartford.com/data-breach-insurance?cmp=XXC-SC-Content-00971324
Elizabeth
Does The Hartford have any type of Cyber Insurance policy available?
Yes, we do and you can get a quote here online: https://www.thehartford.com/data-breach-insurance?cmp=XXC-SC-Content-00971324
Elizabeth
We respectfully disagree with the order/priority of your steps in What to do When Your Small Business Suffers a Data Breach. Your first priority is to Contain the Breach. Recommending the first step as Investigate the Breach fails to convey the urgency in stopping the damage and could waste valuable time. The investigation steps are sound but could take days or weeks to perform and taking that long when an actual breach is occurring/has occurred could be disastrous.
We recommend the first priority as Contain the Breach with the first sub-step being to Quickly Confirm the Breach to identify any false positives (like a software glitch) and only then Investigate the Breach.
We also recommend you consult your attorney as soon as possible. A knowledgeable attorney is essential in ensuring you are performing all the steps necessary to reduce your legal risk.
Winquest performs Assessments and Incident Response for businesses who have suffered data breaches and would be happy to work with The Hartford in any capacity desired.