Below is a suggested response and recovery plan so educational institutions are better prepared for incident management:
1. Assemble Incident Response (IR) Team: The response team should include top management including the Principal, Chancellor, PR Manager, IT Manager and anyone else who can contribute to issue resolution.
2. Identify What Has Been Impacted: Verify if the incident has actually happened and if the answer is yes, identify what has been compromised, how, and what the anticipated loss is. In most of the cases, the data breach happens through a combination of people, processes and technology.
3. Data Exposure Assessment: It is important to assess the data compromised and components of the data including names, addresses, telephone numbers, social security numbers and financial aid. As the first step, it is crucial to identify what all data is stored in the current systems and the second step is to classify the data as per their criticality. Even the identification and removal of unnecessary data lessens the burden on the system and helps to organize and improve data security.
4. Damage Control: Once the type and scope of data exposed is determined, it should be immediately resolved by deleting the shared email, destroying the copies, or whatever is possible. After that, steps should be taken to reduce the exposure of the impacted data for repeat threat.
5. Response Plan: The response team should create a proper response plan as the reputation and branding of the institute gets directly impacted by the amount of response time taken after the breach detection. If required, the impacted individuals should be informed about it including source of the breach, emergency point of contact, means to resolve their queries and compensation, if required. It is also mandatory in some states to inform governing authorities about data breaches as part of the Federal Law.
6. Act Now: Identify the lessons learnt from the incident and take necessary actions on immediate basis to avoid such situations from happening again in future, including implementation of various data loss prevention tools.
While the institute may have to spend time, money and effort in diagnosing and taking preventive measures for enhancing data security, any proactive measure taken will help in preventing future financial loss as well as the loss of reputation and trust.
No comments:
Post a Comment