Search For a Domain Name
  
www.  



Check in all Extensions.
BASIC ABUSE REMEDIATION PROCESS
Step 1 – Identify the breach

Identifying the abuse is the first step toward solving it. Identifying the abuse early help minimize the damage and better chance of resolving it quickly. Following information will help to identify the abuse

  • When was the abuse noticed?
  • Which services, systems, etc. have been affected?
  • What type of abuse is it?
  • Who committed the attack and their possible agenda?
  • Who or what is the target of the attack?
Step 2 – Setup a task force

Timing is very important and once the issue is identified the data owner must quickly assemble the core team and begin looking into the scope of the abuse. The core team should consist of senior executives, security team, server administrators and legal counsel.

Step 3 – Isolate the damage

Isolate the affected data or area. This will help to prevent full access and to protect against additional vulnerabilities. Quarantine the corrupted servers, devices and systems so they can be examined and made functional again.

Step 4 – Begin the remediation process

Core team shall start to assess the damage and begin securing the access. They will evaluate the extent of the damage and keep a record of the findings. This will provide a baseline from which to measure the effectiveness of the remediation efforts once they have been completed. Next, the team will need to establish a hierarchy of need by focusing on the more critical areas initially and then moving onto less essential areas until completing the process.

Step 5 – Develop a communication strategy

The core team will identify each of the audiences that need to receive information about the abuse. Decisions about the manner in which the messages are delivered and the timing for each also need to be made. Messaging should be tailored to each audience and there needs to be a balance between transparency and over-sharing. Additionally, communications should include the steps taken to repair the abuse and the new policies created to protect against repeat occurrences.

Much like the remediation process, the messaging should start internally and then move externally. This is a great time to establish a chain of communication for the company. Transparency should be maintained and timely status updates designed to build and maintain trust. Offer complimentary services or extension can be considered depending on the abuse.