BeeCastle has a clear set of measures in place to ensure we protect customer information and offer the most secure product we can. However, we also recognize that security incidents can (and do) still happen, and it is important to have a defined plan for handling them if they arise.
As a result, we have defined the following approach to handling possible security incidents and data breaches:
How we detect incidents and breaches
We have several monitoring mechanisms in place to detect failures or anomalies in our product and infrastructure that may be an indicator of a potential security incident.
These systems alert us immediately if an activity is detected that requires further investigation. We have an aggregated log capture platform which allows our team to investigate quickly and thoroughly. Our infrastructure team are also constantly monitoring our infrastructure to ensure we maintain availability. In both systems we create alerts in our security information and event application that notify our teams proactively.
Managing incidents and breaches
To ensure our incident response is consistent and minimises risk as quickly as possible, we have a defined process of steps we take for each incident. This playbook at a high level is:
Incident detection and analysis
Upon recieving notification of an incident, the infrastructure team is responsible for confirming the incident has occured, the attack vectors, scope and impact to customers.
Upon identfiying the details on the incident, we asses the severity of the incident based factors like:
Impact of incident (e.g. data exposed)
Number of people/orgainsations impacted by incident
For example of a recent analysis, we thoroughly reviewed our product and services for any impact from the Log4J vulnerability and found no risk or issue.
If your data is involved in a breach, we will tell you about a data breach in an email, text message or phone call. The notification will include:
the kinds of personal information involved in the breach
a description of the data breach
recommendations for the steps you can take in response
contact details of a team member if further details are required.
If we cannot contact impacted parties or the notification is relevant to a broader audience, we will put a notification of the breach on our Website. We also share this notification plus updates on the breach through, for example, social media and community posts on r/MSP and TechTribe.
Containment, eradication and recovery
Considering the incident severity, we then determine and implement the steps necessary to contain the incident, eradicate the underlying causes and start our recovery processes to ensure we return to business-as-usual as quickly as possible. At each stage, we provide relevant updates as per our customer notification plan.
Want to understand more about BeeCastle's commitment to Security and Privacy?
We have published other resources including:
If you have any questions about the above, please email firstname.lastname@example.org and the team will coordinate a conversation with the right person.