When it comes to hacks or breaches at your business, the quicker you act, the better. Here’s everything you need to do if you experience a company data breach.
Sometimes, the regrettable happens. Despite your company’s best efforts to implement the latest security solutions and get every employee on board, cyberattacks can still occur.
Whether a proverbial door has been left open for a hacker to find their way into your company’s software, or employee credentials are floating freely around the dark web, there are immediate steps your company can—and should—take to mitigate the situation.
5 things to do if your company experiences a hack or data breach
1. Ask employees to immediately change their passwords for all their work accounts.
It’s likely that many of your employees are reusing passwords. When the compromised credentials are exposed on the dark web, scores of other bad actors will sooner or later try to access a variety of your IT resources with those logins. The quicker each employee changes their passwords, the better chance your company has at staying a step ahead of hackers.
2. Implement two-factor authentication.
Enable two-factor authentication (2FA) for logins using apps like Duo or Google Authenticator, which employees can get on their smartphones. This creates another barrier for attackers, even if they successfully acquire stolen credentials.
3. Implement a password policy.
If you don’t have a policy that mandates strong and unique passwords, implement one as soon as possible. To get into your systems, hackers only need to know emails before carrying out password-related attacks like brute-force attacks (when a hacker uses trial and error with common or easy to guess passwords).
4. Get a password manager.
Password managers make password management both for your employees and your IT admins much simpler. Not only do password managers have strong password policies built in, but they also have ways to store and share passwords securely.
5. Continuously monitor the dark web for your corporate data.
Cybercriminals may sit on stolen credentials for months before they expose them. Or, you may not know for months that you’ve been breached—and by then, your data may be all over the dark web. You can use a security solution to monitor the dark web for your company so you get alerts at the first sign of trouble.
In fact, you can have Dashlane keep an eye on the dark web for you. Learn more at Dashlane’s breach center.