What’s in Your Toolkit? 20 Questions Your Company Should Ask in Preparation for Data Breaches

BY:

Oct 10, 2016

whats-in-your-toolkit-20-questions-your-company-should-ask-in-preparation-for-data-breaches

Keep these critical questions in mind when preparing for the worst

In today’s technologically-driven world, businesses can never be too careful when it comes to security. For this reason, companies need to have a robust security toolkit in place that lays out a plan should some type of breach occur.

In this blog, we’re going to focus on a set of questions that can ensure that your organization is ready should a data breach or other security vulnerability occur within your company. By answering these questions, your security team should be able to piece together a plan that will be invaluable if it is ever needed.

Personal information collection

1. What are the varies types of individuals from which personal information is collected (i.e. volunteers, employees, clients, potential customers, general business contacts)?

2. From the categories listed above, what types of personal information is collected? For examples, is it related to medical records or financial information?

3. Where are the individuals located that have provided you with this personal information? Are they based in a certain geographical area within the U.S., or are they located all around the world?

4. Does your organization have to abide by HIPAA (Health Insurance Portability and Accountability Act of 1996) regulations?

5. How does your organization store personal information (in the cloud, in paper form, on portable storage media)?

6. What sort of security measures does your organization have in place in the event that a data breach occurs? Would it be possible to identify individuals that may have accessed personal information?

7. What levels of encryption are available to protect any personal information that is stored on your company’s servers, both on-premises as well as in the cloud?

Administration of personal information

8. Is there a certain person or group of people who are responsible for developing and managing data security policies within your organization?

9. Identify the necessary individuals from various key departments within your company that could serve on some type of data breach response team.

10. Do you see any challenges that may occur during a security breach based on the multiple departments within your company?

11. Does your company currently have policies in place that relate to not only detecting but responding to security breaches?

Past security issues

12. Has your company experienced security breaches of personal information in the past?

13. If so, was necessary notification provided to any affected individuals? How about to any necessary law enforcement agencies?

14. Has your company developed a template-based letter that can quickly be disseminated to affected individuals?

15. Has your company developed a template-based letter for law enforcement agencies or regulatory organizations in the event of a data breach?

Additional questions to keep in mind

16. Do you have contacts with credit-monitoring agencies?

17. Does your insurance policy cover data breaches?

18. Do you have inside or outside legal counsel that has experience handling legal breaches?

19. Do you have your local law enforcement’s contact information on file in case of a data breach?

20. Do you have the necessary contacts for state and federal officials who deal with data breaches?

It’s time to start developing a plan to protect your company in the event of a data breach.

While the questions listed above may seem overwhelming, this is simply not the time to rest on your laurels and do nothing. In today’s environment, a company can never be too careful when it comes to data breaches.

If you’re unsure where to begin when it comes to protecting your company from a data breach, feel free to reach out to the team at CloudHesive today at 800-260-2040 or via email at sales@cloudhesive.com.

Related Blogs

  • amazon appstream vs citrix" alt="">
    Amazon AppStream or Citrix: Which Application-Streaming Platform Is Right for Your Business?

    When it comes to streaming workplace apps for remote users, which cloud platform offers your business the features and flexibility it needs? With more companies allowing more staff to work from home...

    Learn More
  • Amazon WorkSpaces vs. Microsoft Azure Windows Virtual Desktop" alt="">
    4 Differences Between Amazon WorkSpaces and Microsoft Azure Windows Virtual Desktop

    What are the main differences between Amazon Workspace and Azure, and what does that mean to your business? Cloud computing is not just gaining popularity, it’s exploding with the number of...

    Learn More
  • Amazon WorkSpaces vs. Citrix Managed Desktops" alt="">
    Choosing a Desktop as a Service: Amazon WorkSpaces vs. Citrix Managed Desktops

    The differences between Amazon WorkSpaces and Citrix virtual desktops could decide the success or failure of your remote work infrastructure Desktop-as-a-Service (DaaS) platforms are a means of...

    Learn More