It’s not if, it’s when.

From innocent human error to bad actor criminality, a data breach is an inevitable consequence for communication technology vendors.

This most-feared of events can wreak untold havoc on victims: monetary loss, reputational disaster, fines. Indeed, in the case of small businesses in particular, 60% of those who suffer a breach are gone altogether within six months.

Experts in data protection are brutal in their assessment of the risk, asserting that preventing a breach ever occurring is simply impossible. However, they can support telcos and Managed Service Providers in being as prepared as possible and help mitigate the effects when disaster does strike.

With the complexity of communication technology intensifying all of the time – and the volume of data increasing exponentially – they are essential, often out-sourced, specialists capable of delivering a level of return on investment that is impossible to overstate.

Picking the right one is about as important as it gets.

“We deal with two or three data breaches a week and we have a tried and tested process to help organisations recover, however we are seeing an alarming increase in frequency and severity – advanced preparedness is the differentiator between a business that survives and one that does not,” says Dr Scott Allendevaux, senior practice lead at the UC professional services practice Allendevaux & Company, which helps enterprises all over the world achieve and maintain that preparedness and respond when a breach occurs.

“Telcos and MSPs should think of themselves as a city in the context of a fire risk. Every city will experience a fire because they are impossible to prevent. But cities are prepared because they have proactively employed firefighters with the right equipment who know how to respond. If they had not, then cities would burn down. Businesses at risk of data breach must be proactive too.”

In Allendevaux’s case, that means ensuring its UC provider customers are kept up to date with threat intelligence and emerging vulnerabilities; can execute a tested incident response plan comprising clear responsibility and communication protocols; carry out regular audits and security risk assessments; and have in place an effective and perpetual employee training programme.

In the case of a breach occurring, its customers are often contracted by end users to activate a written and agreed response plan that requires specific actions within specific tight time frames.

“It is obviously essential to detect, identify, and contain a data breach as soon as possible,” says Allendevaux.

“Containment in particular is so important. We immediately ascertain if a breach is contained or if it is still ongoing. If the breach has been caused by a bad actor, is that bad actor still in an organisation’s system? Is that bad actor’s software still running? Has it hidden itself somewhere else in another service? Have the organisation’s legal requirements around data breach been met? Have the correct notifications been made to the correct people? These can be complex workflows which all require swift and effective execution at precisely the time when an organisation and its staff are under the most intense pressure. That is why it makes sense to look to an expert provider partner for help and support.”

Once containment has been achieved, it is then best practice to move to an investigation phase: determining via a step-by-step, time-stamped process of forensic examination when and how the breach happened in the first place and how to prevent a repeat.

Next is the recovery phase: restoring, validating, and monitoring the service, and documenting and reporting the entire event – a highly-technical and detailed document which in many cases must be fit for consumption by government regulators.

Finally, organisations must then learn lessons so that each time a breach occurs, it is better at responding.

“In our case, we superintend all of those processes,” says Allendevaux.

“We are able to deploy different team members with different specialisations and certifications to different phases of a breach. Sometimes that can be done virtually and other times our people are a physical presence inside a customer organisation for as long as is necessary. Of course, we are an external resource, but it is extremely important for the relationship to be a close and trusted one. Only then can the implications of a data breach be kept to an absolute minimum.”

It seems preparedness for the ultimate – and inevitable – nightmare scenario should be a top priority.

Are you ready…?

To learn more about how Allendevaux & Co. can help your business protect its data, click here.



from UC Today https://ift.tt/O6bc5iv