No, we haven't been hacked. ;)
We have a prospective client who is asking us what our policy is in the event
of unauthorized access. Obviously you fix the system(s) that have been
compromised, but what steps do you take to mitigate the effects of a breach?
What is industry best practice? So far, searches haven't produced anything
that looks consistent, except maybe identity monitoring for financial data.
(EG: Target breach)
We host a significant amount of educational data, but no financial information.
How would we even respond to this question?
I've also posted this question at
https://www.reddit.com/r/linuxadmin/comments/42mi1r/what_to_do_when_youve_been_hacked/
Thanks,
Ben
_______________________________________________
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
