Incident Response Plan for Wellness Technology, Inc

            It is important for a wellness technology company to understand that they should have a comprehensive Incident Response Plan (IRP) so that they can respond to any incidents if they occur at any given period of time. If a company is not ready to respond when an incident happens, then damage can get worst, but if there is a detailed incident response plan in place, then they can quickly deal with the incident, and the level of damage can be lower in such cases. However, before developing a successful and comprehensive incident response plan, it is vital for a wellness technology company to understand what steps should be followed so that a well thought and applicable incident response plan is made (Techopedia, 2019).

There are six considerable steps to come up with an incident response plan, so here are those six steps:

· First Step: A company should analyze the overall situation by looking at both internal as well as external threats.

· Second Step: After identifying both internal & external threats, it is time to develop a plan which is made with high standards and it should be documented as well.

· Third Step: In this step, the developed methodologies for giving a response to incidents should be tested so that any flaws can be identified during the test, and then the process is improved accordingly

· Fourth Step: In this step, it is important for the company to makes sure that threat intelligence is leveraged

·Fifth Step: This step is a crucial one as it should streamline things regarding incidents like coming up with a setup to investigate incidents and then developing a considerable as well as an applicable response

· Sixth Step: The incident response plan should be adapted with all aspects across the company so that everything is on the right track (IBM Security, 2017)

Developing an Incident Response Plan

            In this incident response plan, Wellness Technology will try to cover different areas of concern so that they can be able to handle the situation if anything goes wrong. Here are valid points of the incident response plan, which is going to be implemented:

Response to Power Failure

            The power failure is something, which can disturb all other aspects of the company, therefore it is important to have IRP so that response is given accordingly. In case of power failure or any incident related to power, here are steps to be followed:

· If a power failure occurs due to any technical problem during the work hours, and then the concerned team should be given instructions to switch on generators and alternative power solution options so that work can be continued without any interruption

· If a power failure occurs after work hours, then the response can be slower as compared to response given during work hours

· If a power failure occurs due to short circuits or any other unknown issue, where the situation can get threatening, then the building should be evacuated immediately, and then issue should be resolved. The workers should not be brought in until the issue is resolved

· Ask employees to leave their work area, and stop using any equipment attached to electricity (Bertrand, 2016)

Internet Service Provider (ISP) Failure

If internet services are failed or company faces ISP failure, then the following steps should be taken accordingly:

• If ISP failure occurs from the service provider end, then immediately contact them to get actual information

• If ISP failure is an internal fault, then deploy IT technical teams to search for the fault and rectify it as soon as possible

• To makes sure that work is not disturbed or stopped, switch on the alternative services of internet

• Use wireless internet devices to connect important resources immediately so that data is not lost (Anscombe, 2002)

Fire Incident

The fire incident can happen due to a variety of reasons, so here are immediate steps to follow:

· If any signs of fire and or smoke are visible from any section of the company, the building should be evacuated immediately

· If smoke or fire alarms system is active and bells are ringing, then ask everyone to leave the building at once from the emergency exit

·  If the area of fire or smoke is identified immediately, then anyone should take a step forward and use the fire extinguisher

·  If the situation is looking worst and fire is catching up, then call the emergency fire department at 911

·  If fire is identified from one area, then close all doors of that particular area

·  It is advised to everyone that elevators should not be used in case of fire incident

·   People are advised to stay away from area of fire and smoke

·    During the evacuation from any floor of the building, if one sees too much smoke downstairs, then don’t go there, and look for an alternative exit area to get out of the building (uiowa.edu, 2019)

Burst Water Pipe of Incident Response Plan for Wellness Technology, Inc

            If any incident of burst water pipe happens in a building of the company, then it should be handled as quickly as possible, otherwise serious damage can be faced by the company. Here are viable steps to follow:

· Once, burst water pipe issue is identified from any area of the building, then the maintenance department should be contacted immediately

·  If burst water pipe has the potential to damage any work area, where employees are working, then it is advised to evacuate that particular area

·   If burst water pipe is not too big, then relevant technical workers should be called for immediate fix, but if issue is big like major water pipe has been burst, and too much water is getting into building, then area should be evacuated, and major technical teams should be called to fix the issue on permanent basis

The Voice over Internet Protocol (VoIP) telephone system failure used by the sales team and 24x7 technical support team

· If VoIP telephone system is down or not responding for any unknown reason, then it should be notified to the concerned department

· The sales team should be asked to stop taking or making calls on immediate effect because when there is an issue in VoIP system, then customers may not get what they want

· The service provider should be informed on immediate basis that they can send experts to monitor system, and resolve the issue

Virus/malicious code compromising the Wellness Technology’s Web App (to include the presentation layer, business layer, and database layer) or the wrist device

· There should be a dedicated security policy to counter any virus or malicious attack on the company’s Web App

· Even an attack occurs regardless of various countermeasures, then issue should be quickly evaluated to see the damage and possible risks

·  The first step after an incident is to recover the Web App and contain the attack as much as possible

·    Develop a security system, which has an automatic response system, so when any minor attack is identified, it is automatically stopped by the auto system

·  Secure sensitive information and financial data as soon as possible to avoid huge damages (Harvey, 2017)

References of Incident Response Plan for Wellness Technology, Inc

Anscombe, T. (2002). Coping with ISP failure. Retrieved October 18, 2019, from https://www.scmagazine.com/home/security-news/coping-with-isp-failure/

Bertrand, C. (2016). Why You Need a Power Failure Response Strategy. Retrieved October 18, 2019, from https://blog.se.com/it-management/2016/05/17/why-you-need-a-power-failure-response-strategy/

Harvey, C. (2017). Incident Response: How to Prepare for Attacks and Breaches. Retrieved October 18, 2019, from https://www.esecurityplanet.com/network-security/incident-response.html

IBM Security. (2017). Six steps for building a robust incident response function. Retrieved October 18, 2019, from https://www.ibm.com/downloads/cas/QEBYPND1

Techopedia. (2019). Incident Response Plan. Retrieved October 18, 2019, from https://www.techopedia.com/definition/16513/incident-response-plan

uiowa.edu. (2019). Fire. Retrieved October 18, 2019, from https://uiowa.edu/critical-incident-plan/fire