An incident response plan is just what it sounds like, having a plan in place to deal with isolated incidents that threaten the security of your law firm. The most common type of such a serious incident to which you’ll need to respond is a data breach like Ransomware. Other incidents include security alarms, unauthorized access by employees, and so on.
The American Bar Associate recommends creating an action checklist should you have to deal with a serious incident.
- Verify what happened
- Determine who is in charge of the investigation
- Communicate the start of the investigation
- Solve the immediate problem while preserving evidence
- Determine whether you should call in outside help
- Follow any steps the law requires you to take
- Re-evaluate your security so that an incident like this doesn’t happen again
This is, of course, just an oversimplification of what you should consider when developing an incident recovery plan. Rekall can help you dive further into this crucial area to makes sure these issues don’t happen in the first place.