FTC Notes Forensic Security Capabilities Critical to Breach Response

Security | Nov 1, 2016

Last week, the FTC issued a new paper and accompanying video advising businesses on what to do in the event of a data breach. Central to the recommendations is the capacity to conduct an incident response investigation immediately after detecting signs of compromise. Acknowledging that not every business has a security operations center or incident response personnel on staff, the paper recommends identifying and working with independent forensic investigators as the first step.

Whether or not you have such individuals in your employ, having the right technology in place *before* a breach can make the difference between early detection and a rapid, measured response with limited damages, and a full-blown crisis. EnCase Endpoint Security provides early detection capabilities through an easy-to-use threat hunting interface designed with a security analyst in mind, as well as automated incident response capabilities that enable you to automate elements of the FTC recommendation such as capturing the evidence of the breach from affected machines, initial scope and impact assessment, and quarantining computers. Whether you have the expertise in-house or have to call for outside help, proactively deploying an endpoint security solution allows organizations to carry out the initial steps of incident response, ensuring expensive outside help can get to work right away on analyzing the data rather than on the costly and time-consuming efforts of manually chasing down computers and imaging systems.

Additionally, data collected with EnCase Endpoint Security is preserved in such a way that breach-related evidence stands up to the scrutiny of regulators or, if required, the courts. EnCase is the same technology used by the federal government to conduct its own security investigations and has been since 2006. EnCase Endpoint Security has helped organizations answer key considerations posed by the paper such as:

  • How did it happen?
  • What was taken?
  • What machines were affected?
  • What do we need to do to remedy the situation and prevent this from happening again?

Finally, EnCase Endpoint Security delivers everything you need to remediate systems – wiping malware and related artifacts from systems without taking those systems down – ensuring you can confidently report on actions taken and the effectiveness of your remediation efforts.

To read the FTC paper “Data Breach Response – A Guide for Business” click here: https://www.ftc.gov/news-events/press-releases/2016/10/what-do-when-you-suspect-data-breach-ftc-issues-video-guide

To learn more about how EnCase Endpoint Security can ensure you are prepared for the inevitable, please visit: https://www.guidancesoftware.com/encase-endpoint-security

Anthony Di Bello is senior director of product marketing at Guidance Software and is responsible for the voice of the customer and go-to-market strategy across Guidance Software forensic security, data risk management and digital investigations products. An 11-year veteran of Guidance, Anthony previously served as director of strategic partnerships.
