On Wed, 2009-06-03 at 02:04 -0500, John R. Dennison wrote:
On Wed, Jun 03, 2009 at 01:57:20AM -0400, JohnS wrote:
Dollars to Donuts ehhh??? How many donuts you think it will take to pay for legal costs and clean up if there are customer data on the machine? I think right about now I
4 chocolate eclairs should cover it :)
But seriously...
would:
- Notify Risk Management and Your Compliancy Officer.
- Take it off the network connections.
- Do a live rsync and dd image + ram copy = running processes/hidden.
- Same as 3. but with the machine off.
- The company attorney needs to be notified.
- By State and Federal Law in the US you have so many days to report
incidents like this to users (customers) and law enforcement.
While the specifics vary from company to company depending on your corporate escalation procedures the above points are very valid and would of course need to be properly followed as required by your corporate entity.
My comment regarding donuts was intended to be flippant and add a light side to the conversation; I assumed from the start that the original poster would follow his corporations established policy on notification and escalation as required.
--- I guess all we can do is hope. No offense taken here though.
JohnStanley