Any bookkeeping, business or tax article contained in this communication, including attachments and enclosures, is not intended as a thorough, in-depth analysis of specific issues, nor a substitute for a formal opinion, nor can it be used to avoid tax-related penalties. If desired, we would be pleased to perform the requisite research and provide you with a detailed written analysis. Such an engagement may be the subject of a separate engagement letter that would define the scope and limits of the desired consultation services.

Responding To The Nightmare Of A Data Breach

It’s every business owner’s nightmare. Should hackers gain access to your customers’ or employees’ sensitive data, the very reputation of your company could be compromised. And lawsuits might soon follow.

No business owner wants to think about such a crisis, yet it’s imperative that you do. Suffering a data breach without an emergency response plan leaves you vulnerable to not only the damage of the attack itself, but also the potential fallout from your own panicked decisions.

5 Steps to Take

A comprehensive plan generally follows five steps once a data breach occurs:

  1. Call your attorney. He or she should be able to advise you on the potential legal ramifications of the incident and what you should do or not do (or say) in response. Involve your attorney in the creation of your response plan, so all this won’t come out of the blue.
  2. Engage a digital forensics investigator. Contact us for help identifying a forensic investigator that you can turn to in the event of a data breach. The preliminary goal will be to answer two fundamental questions: How were the systems breached? What data did the hackers access? Once these questions have been answered, experts can evaluate the extent of the damage.
  3. Fortify your IT systems. While investigative and response procedures are underway, you need to proactively prevent another breach and strengthen controls. Doing so will obviously involve changing passwords, but you may also need to add firewalls, create deeper layers of user authentication or restrict some employees from certain systems.
  4. Communicate strategically. No matter the size of the company, the communications goal following a data breach is essentially the same: Provide accurate information about the incident in a reasonably timely manner that preserves the trust of customers, employees, investors, creditors and other stakeholders.

Note that “in a reasonably timely manner” doesn’t mean “immediately.” Often, it’s best to acknowledge an incident occurred but hold off on a detailed statement until you know precisely what happened and can reassure those affected that you’re taking specific measures to control the damage.

  1. Activate or adjust credit and IT monitoring services. You may want to initiate an early warning system against future breaches by setting up a credit monitoring service and engaging an IT consultant to periodically check your systems for unauthorized or suspicious activity. Of course, you don’t have to wait for a breach to do these things, but you could increase their intensity or frequency following an incident.

Inevitable risk

Data breaches are an inevitable risk of running a business in today’s networked, technology-driven world. Should this nightmare become a reality, a well-conceived emergency response plan can preserve your company’s goodwill and minimize the negative impact on profitability. We can help you budget for such a plan and establish internal controls to prevent and detect fraud related to (and not related to) data breaches.

SHARE THIS POST NOW:
Share on facebook
Share on twitter
Share on linkedin
Share on email
Share on print

Read more

Introduction Tax season is often stressful for small business owners. With deadlines looming and complex requirements, many …

The Questions You Can’t Afford to Skip   Hiring a bookkeeper is a critical decision for your …

Introduction As the year draws to a close, small business owners often find themselves buried in receipts, …

CONNECT WITH US TODAY!

Address:
24044 Cinco Village Center Blvd #100

Katy, TX 77494

Phone:
(713)-855-8035

Email:
admin@fas-accountingsolutions.com

Sign up for our Newsletter 

Let’s stay connected! You will receive updates straight to your inbox.

Data Breach