10 questions to ask after your customer has been hacked

<span id="hs_cos_wrapper_name" class="hs_cos_wrapper hs_cos_wrapper_meta_field hs_cos_wrapper_type_text" style="" data-hs-cos-general-type="meta_field" data-hs-cos-type="text" >10 questions to ask after your customer has been hacked</span>

May 02

May 02

Security

shutterstock_470866664.jpgYou’ve evaluated your customer’s network. You deployed the best IT security solutions available. Now the inevitable has happened: They’ve been hacked.

What do you do when you get that panicked phone call from your customer?

These 10 questions can help you assess the damage and calm your customer’s fears.

Question 1: What part of the system was attacked?

  • Network?
  • Computers?
  • Storage?

After you’ve heard the bad news, the first thing you want to do is to take stock of the situation and discover the extent of the hack.

Question 2: How many platforms have been compromised?

Here you want to discover if any remote offices or mobile workers were impacted, or if it was only the corporate office. Or, if the hack came from outside the company, was it random or was it a targeted attack against a specific department?

Question 3: What are the symptoms?  

What impact is there to the daily business, if any?

Question 4: How are you measuring this impact?

Be sure to consider loss of productivity, revenue and even customer trust if databases were compromised.

Question 5: Have you conducted security forensics to characterize this attack?

If not, this should take place as soon as possible.

Question 6: Can your company’s IT security team handle this analysis?

It might be beyond the scope of your ability or expertise if the hack is sophisticated enough.

Question 7: Do you need to engage a third-party to complete remediation?

Consider calling in another IT security team for help if needed.

Question 8: Can you restore the compromised systems to a known good operational state using backup/restore procedures?

This is a great question to ask yourself before the attack, too. Hopefully, you’ve already prepared for the worst, and if so, make sure you remind your customers of how important this feature is to have in these situations.

Question 9: How will you prevent a similar event from reoccurring?

This is key. Fixing the damage done is only temporary. You need to learn from the breach and take steps to prevent similar attacks in the future.

Question 10: Do you have a trusted partner/organization you can leverage to help you develop and implement a security plan going forward?

This is very important if you hope to maintain a positive experience with your customers for the future. They need to have confidence in your ability to keep them safe, regardless of what tomorrow may bring.

Want to know more?

Ingram Micro’s Professional Services team can help you and your customers prepare for tomorrow’s attacks, and respond to today’s as well.

Contact us today for more information, (800) 456-8000, ext. 76094, or email proservices@ingrammicro.com

Topics: Security, Network Security

New Call-to-action