Security Incident Response Services

1-844-711-HACKED (4225)

What To Do If You Detect a Breach: Engaging Bulletproof’s IT Security Response Services 
If you suspect one or more of your organization’s devices is compromised, it is vital that you do not power down the device but instead follow these steps to safely and securely isolate the problem. 
  1. Disconnect the device from the network: Unless the continued operation of this computer, laptop, etc., is vital to ongoing business, it should be disconnected from the network. However, if you have reason to strongly suspect critically sensitive data is being actively copied from the device, it is imperative to disconnect it from the network even if it is necessary to ongoing business.
  2. Ensure you have disconnected from all sources: Disconnecting the device from the network can include:
    a. Disconnecting any network Ethernet cables.
    b. Disabling any WiFi, Bluetooth, or cellular radios (preferably with a physical switch, if available)
  3. If you cannot disconnect from the network, turn off the device: If you cannot disconnect the device from the network, you may turn it off. This is not advised in any other context as there may be critical, ephemeral data relevant to a suspected compromise that may be lost.
  4. Contact Bulletproof: Contact our Security Incident Response Services at 1-844-711-4225 for further assistance.