A generic security compromise recovery mini plan

If you won't create an appropriate plan then at least keep this post handy

In theory you should have a plan with specific steps to take when, inevitably, the security of your systems is compromised. In practice, if you are a small business, you are unlikely to create such a plan until it is too late.

Therefore I created this mini plan that you can use instead. Put it somewhere you will not forget it. Print it and pin it on the wall, or put it together with your other standard operating procedures.

  1. Stay calm. Don’t rush, but don’t postpone either.

  2. This is an emergency. The management and the technical people involved need to drop everything they are doing. Reschedule any meetings or other obligations in the next hour.

  3. The management and the technical people involved should have a meeting to assess the situation. Go through a detailed generic plan, such as the FTC’s “Data Breach Response: A Guide for Business”. Write down the actions each person will be responsible for. Estimate the amount of work needed and, if necessary, reschedule any obligations in the next few hours or days.

  4. Finish the meeting and let each person do their part. Repeat from step 3 as often and as many times as needed.