Tip of the Week: How to Know if You’ve Experienced a Data Breach

Your data is vital to the success of your business, and as such, it needs to be protected. Can you identify the warning signs that someone has managed to get past your protections to access your data?

According to the Identity Theft Resource Center, or ITRC, there were 781 data breaches in 2015 within the United States alone. This marked the second-highest number since 2005, when the ITRC began to track these occurrences. Of particular interest, the ITRC report noted that, in 2015, the business sector saw the highest percentage of publically reported breaches with almost 40 percent of all reports coming from business organizations. What’s more, motive analysis saw that more and more thieves sought financial gain through accessing sensitive personal data.

Presumably, the report for 2016 should show more of the same.

Business owners should therefore be extremely cautious and prepared when it comes to possible data breaches, not only in terms of preventing them but also in terms of identifying them within their organizations. What follows are some best practices to assist you in determining if a data breach has occurred on your systems.

First, determine what is normal within your systems.
After all, you will need to know what is right to identify if something is going wrong. This can be largely accomplished by familiarizing yourself with the typical goings-on of your employees at different times of day, and with different levels of access.

Keep an eye out for unusual activity.
There are numerous warning signs that a data breach has occurred in your systems. These warnings might be as subtle as a piece of equipment suddenly becoming slower. They may include:

• Unusual/unapproved programs: If there are suddenly unauthorized programs appearing on the company’s workstations, you may have a breach. You must be diligent in keeping an eye out for such red flags, as well as encouraging employees to do the same by insisting that they report any sudden appearances of new software that were not mandated by the company.
• Unexplained “employee” activity: Have records suddenly shown users logging on to the system at odd times and from odd locations? Are your accounts being altered without your knowledge or approval? Have employees suddenly had unexplainable difficulties in remembering their passwords? These are also indicators that your system has been breached.
• Other breach attempts: Have you had to fend off an overt cyber attack recently, such as a Distributed Denial of Service attack? If so, these attempts may have served a secondary purpose as a smokescreen to conceal a more insidious attack. It’s becoming a best practice to assume that an attack isn’t over, even when it’s over (because it may not be).

Educate your employees.
The first and last line of defense against most cyber threats is educated vigilance, including from your end users. Make sure your employees are also aware of the signs of a data breach, as well as other security threats. i-medIT can help you to keep your systems safe from these attacks as well. To see what we can set up to keep you secure, reach out to us at 630-549-6199.