Security Incident Response Plan
Ollie has a structured Security Incident Response Plan designed to minimize risks, mitigate impact, and ensure a swift recovery from security incidents. This plan consists of the following phases: preparation; containment, eradication, and recovery; identification; communication; and post-incident activities.
1. Preparation
To prevent security incidents, Ollie takes the following measures:
- Assessing environment risks.
- Implementing security baselines and applying patch updates regularly.
- Enforcing least privilege access controls.
- Safeguarding perimeter security.
- Preventing malware infections.
- Conducting security awareness campaigns.
2. Containment, eradication, and recovery
Before taking corrective actions, Ollie collects, preserves, protects, and documents all evidence.
All assets involved in the incident must be preserved, and no evidence can be deleted or changed without proper authorization. If the evidence contains confidential information, encryption is mandatory.
After resolving an incident, Ollie addresses the root cause by assessing whether other environments are exposed to, or have already suffered, the same type of attack. The responsible team must re-establish uncompromised safeguards.
3. Incident identification
An anomalous event is classified as a security incident if it affects the availability, integrity, or confidentiality of information, systems, or services, or if it results from improper access or an attack.
Ollie also initiates incident management preventively to avoid the escalation of anomalous events and mitigate potential impact.
4. Communication
This procedure includes an integrated communication plan that is applied throughout all phases of the response. Ollie notifies customers who may have been affected by the incident within 24 hours of confirming the incident.
5. Post-incident activities
Lessons learned and improvements from the incident response process are collected to improve security controls and to strengthen future incident management.
The objective is to analyze:
- What happened and how.
- What actions were taken.
- Whether the response was effective.