We have a comprehensive approach that allows us to act quickly and effectively to minimise damage and ensure the swift restoration of services, while maintaining transparency with our users.
Our staff undergo regular training to stay familiar with these steps and their responsibilities.
Incident Identification:
Unusual activity is monitored by automated systems that alert our team. This may also include user-reported issues or abnormalities spotted during our routine checks.
Incident Classification
Our team classifies the incident based on severity, from low to critical. The classification is based on factors such as the extent of the data involved, the systems affected, and the potential business impact.
Notification and Escalation
Based on the severity, the incident is escalated internally. The relevant teams are alerted.
Incident Containment
The affected systems are isolated to prevent the incident from spreading. We may temporarily disable certain features of the website, limit user access, or even take the website offline, if necessary.
Investigation and Eradication
Our team investigates the breach source, methods used, and potential data loss. Tools and methods like system logs, backups, and data forensics are used. Once the issue is identified, it is eradicated – if malware is found, it is removed; if there’s an unauthorised access point, the breach point is closed.
Recovery and Restoration
After ensuring the threat is completely removed, the affected systems are restored to their normal state. Generally either a clean backup can be restored or the website is scrubbed of threats. In the case of data loss, the data is recovered from the most recent secure backup. Rigorous testing is performed to ensure everything is working as expected.
Post-Incident Review
After the recovery, a post-mortem analysis is performed to identify the root cause. This may result in updates to our security policies, procedures, and systems to prevent similar incidents in the future.
Communication Plan
Throughout the incident, there’s ongoing communication with stakeholders. Including the severity of the incident, our plan of response, if user data has been potentially impacted, and our ETA to resolution.
For questions or notices, please contact us at:
- ABN: 39 643 152 032
- [email protected]
- Suite 53, Unit 1, 33 Main Street, Romsey 3434 VIC, Australia
Last update: 7 May 2021