By Samantha Agather, Information Security Analyst– Intrinium
Have an incident? We can help.
When things go wrong regarding your company’s data, it can be terrifying. It will leave you wondering, what’s the full extent of the damage done, how did it happen and what’s next? Let us guide the way for you.
Our specialists will take a deep dive into your devices and network to attempt not only to find out how the infection or attack occurred but find the extent of the damage. If you are in an active incident, we always recommend first and foremost:
- Disconnected affected machines from all networks
- Leaving the machines untouched otherwise (do not power off if possible)
- Do not log in to the machines
We will help you determine (within reason):
- Was data taken?
- Was ransomware installed?
- Or is it just a virus?
- Or was it an unknown type of attack?
The end deliverable is a full forensic evaluation and report, includes:
- An executive summary to present to board meetings and the executive management
- An in-depth explanation of what occurred
- A timeline of the incident and investigation
- Log samples and other evidence to present to those more technically savvy
- What Intrinium did to help remediate
- What future steps can be taken to prevent attacks like this on your company in the future
- Any other recommended actions
We can guide you through recovering from the incident, either by offering our services or providing your IT department professional guidance to get your business up and running again. Depending on the severity of the incident, the solutions can be as complex as rebuilding your network, or as simple as moving a device off the network and running an anti-virus scan. We ensure that our recommendations align with your business needs and potential downtime tolerance.
Incident Response Doesn’t Need to Be Scary
When, not if, something happens, we have all the tools to get you as many answers from your environment as possible, as well as helping you pull out all the stops to remedy the situation and get back on your feet. Being proactive about information security ensures that when an incident occurs, you are well equipped to handle it. Incidents happen to all businesses – how you respond sets your company apart.