Howto resolve a Security Event for small to medium business

What can you do when you suspect a security event has happened?

If you suspect that you have malware, or you receive email bounces from email not sent by you, or someone notifies you of a potential security issue

Also see : Security Event Process and costs

Take immediate action

You need to (1) FIND the issues,  (2) REMOVE malware and (3) CHANGE all passwords and in that order.

You should contact your hosting provider immediately and notify them to change your Npanel/Plesk/Cpanel passwords and to change all your email account passwords for you (You can also change your own credentials (If you are sure you have a “clean” device/system/network)

You can also contact your IT support or IT company and request assistance, if needed.

The second step is to understand that if one of your passwords, like your email password, has been compromised : Possibly ALL of your passwords have been compromised. Possibly ALL your data has leaked and may be in the hands of criminals. possibly your account credentials may have been used to contact your clients, your suppliers, your friends and relatives. Your account may have been used to transmit malware to your contacts.

The third step is to understand that everyone in your office, group or circle has probably also received malware from “you” and that all your devices cannot be trusted.

 

 

If you do nothing and you do not act, your abuse may become worse. If you neglect to contact Nkosi Web Hosting (Pty) Ltd to inform us of your security event, or we have to inform you of your abuse – Please see the section about Security Event Process and costs. Please ensure that you take action to avoid suspension/termination of your hosting account without notice. Please do remember that you will receive Invoice(s) for all additional work and/or damages caused by your security breach.

The fourth Step is to take action in terms of DATA which you may have leaked protecting third party data you may have processed. Inform third parties that you have experienced a security event, supply third parties data and information as required in order for third parties to take any required action(s).