This article originally appeared in the March 2013 issue of CUSTOMER Magazine.
Damages caused by hacking attacks are not only technical headaches, but they can also cause tension between the company and its customers. This tension can be especially acute in cases where the hacked company offers a hosted service to its customers, and that service’s functions are at risk. Hackers understand how damaging their threats can be and the importance that firms will place on meeting customer needs above nearly all other concerns. Despite the risks, companies can employ several best practices to become a less inviting target to hackers and to minimize the damages after a threat.
Monitoring of server status is a sound first step for companies that want to know immediately when a threat begins. The right monitoring tool will send alerts to administrators and other technical staff who can begin to assess the damage. Protocols should also be put into place to alert the customer support team. If the hacking attempt will very likely interrupt or slow services provided for customers, then a quick and transparent explanation should be disseminated.
Enterprise-level hosted live chat, e-mail marketing, knowledge base, and help desk solution provider Comm100 recently experienced a distributed denial of service attack for which a hacker attempted to shut down the company’s operations in exchange for blackmail payment. Comm100’s core services are all hosted, so interruption of service means its global clients could not properly meet the needs of their own customers. The company took swift action to both combat the attack and inform its customers of the existence of the threat and the actions being taken to get services back online.
After the system admins at Comm100 analyzed the exact type of attack and its technical scope, they talked to the data center host to see if any network errors had occurred and to make sure they knew of the attack and were taking steps to guard the server. As the attack was confirmed, the company looked at more advanced defenses to help stop the hacker from repeating the attack, a popular tactic hackers use to extort companies.
Comm100 also knew multiple department coordination was vital to properly manage any threat. Its developers needed to adjust quickly any settings and work with a testing team to be sure any affected systems were functioning and ensure there would not be an interruption in service. The support team was tasked with gathering feedback from customers and keeping them informed of the issue and the likely timeframe for resolution. These communications were very transparent, as customer backlash could be severe if Comm100 did not disclose an outage.
For widespread public attacks, the marketing team should be involved to ensure the right messaging about the attack is provided to the public. Every department should understand its role before an attack occurs, so they can work quickly and collaboratively in a logical fashion to mitigate the damage to both technical systems and the company’s reputation.
Once customers hear about the attack, they will naturally ask: Was my data compromised? Management of customer data is vital for any firm that offers a hosted service, and companies should be sure all data protection policies are sound to stop any intrusion. Hackers often try to infiltrate through passwords, so companies should ensure complex password verifications are a part of server login credentials. These credentials should be actively managed by select staff members who have a proven ability to follow the strictest of policies. All customer data should be encrypted to the highest standards, with very limited numbers of staff having access to the data. Monitoring should be in place to spot any port or bug scans and to log all system visits in case of unauthorized attempts. It’s important for customers to know such procedures are in place so they have the added peace of mind that you have considered the possibility of hacking and are proactively taking steps to shield their data.
Properly trained staff members are essential for repelling and preventing attacks. System administrators should proactively learn about the latest threats and hacking techniques as well as the appropriate responses or patches. The non-technical staff that manages customer relationships should have enough technical training to be able to understand the threat and translate it into plain language for their customer contacts. How the hacking threat is described and managed by the company is as important to customers as the technical details of the threat itself. Staff members need to be transparent with their information, and be able to relay confidence in the technical team’s ability to quickly stop any threat and get the company (and the customer) back in business.
Kevin Gao is president and CEO of Comm100 (www.comm100.com).
Edited by Stefania Viscusi