Data breaches happen every day and, unfortunately, we are getting so used to hearing news about the most recent breach that it no longer creates an interesting report. Most businesses of any significance will, soon or later, become a victim of some sort of breach. So the question becomes not whether you will suffer a data breach, but how are you going to respond to one when it happens.
The Wall Street Journal Business Technology Blog (WSJ) writes about the University of Miami’s (UM) response to their recent breach when thieves stole backup tapes containing two million medical records belonging to the University out of the back of a van last month. WSJ notes that although the breach is nothing to be proud about, the response by University of Miami is pretty impressive.
What made UM’s response so good? The university provided a detailed, but clear, response to what exactly happened and why the breach poses low risk. UM hired outside consultants to conduct testing and to determine the likelihood of successful access to the data. After the consultants reported that such likelihood was low, UM released the notification with clear and common sense explanation.
Hopefully this practice should become the model to responding to security breaches.
No comments yet