Emergency response – what to do if your public cloud is hacked

With cyber attacks on big corporations’ IT systems never far from the headlines, you’d be forgiven for questioning cloud security.  Although public cloud hacks are rare, says Terry Storrar, our Director of Managed Services, if they do occur, an organisation needs to act fast.  Here’s a 5-step action plan to follow if your systems come under threat:

  1. Secure your systems internally first so that the threat is mitigated before trying to solve the wider issue. Shut down any machine instances that you can and reset passwords of sensitive systems first.
  2. Contact your cloud service provider – they will have protocols to follow that will help, including automated shutdown procedures.
  3. Identify the scale of the breach and alert all possible targets as soon as possible. Communicate to all internal and external stakeholders as per your business continuity plan. If personally identifiable information has been accessed, then you will need to contact the relevant regulatory authorities too.
  4. In the aftermath of an attack, organisations should immediately review and update their security protocols while the incident is still fresh in their minds as part of a robust business continuity strategy. The root cause should be identified – most security breaches are due to human error – and systems put in place to avoid a repeat situation.
  5. An organisation should also take the opportunity to review that it has the best cloud mix in place in line with its own risk appetite, ensuring it is using the right private cloud provider offering an infrastructure that is protected to the levels it expects.

While it is not possible to prevent all attacks, organisations can prevent them being successful in future by using managed back up and disaster recovery services to ensure operational downtime is minimised. For further advice on the pros and cons of cloud solutions for your organisation and choosing the best cloud mix to meet your business requirements speak with our Cloud Deployment specialists.