Help, who was in our system last night?

What do you do in such a situation?

At ALTA-ICT B.V., we see this more often than you might think. In our Platinum Modern Workplace package, our SOC team is watching live 24/7. Not after the fact, but real time.

When there is a suspicious login, or unusual behavior, then:

• Do we get immediate notification

• Are we also often called directly

• And in the case of a “high risk” we automatically take action

Then our incident response starts, part of our ISMS (Information Security Management System) according to ISO27001.

 

Questions we then answer immediately:

• Who logged in – and from where?

• What has been opened or changed?

• Does something need to be blocked?

• Is there a reporting requirement under the AVG?

• And how do we record everything to learn from it?

 

For ISO-certified organizations (or those seeking to become so)

For organizations that are or want to become ISO certified, this process is not optional. It is essential. And we make it fully demonstrable through our approach ✅

So even before you notice it, we are there.

 

And what did others do in such a situation?

We asked our followers on LinkedIn¹:

🗳️ What would you do in such a situation?

• 89% say: Immediately call IT

• 9%: “Interesting, want more info”

• 2%: “Wait and see, ‘t will be nothing”

• 0%: “No idea, hope never happened”

 

What’s the situation with you guys?

Are you prepared for this type of notification?
Or do you not know exactly who has access to your systems when?

Need to spar about this?
Feel free to send us a message or check out our Modern Workplace page: alta-ict.nl/ModerneWerk

 

Reference

¹https://www.linkedin.com/posts/altaict_soc-isms-iso27001-activity-7330819673942282240-zhxh