In Switzerland and around the world, cybercrime is on the prowl, threatening your IT security. Organizations of all sizes need a cybersecurity plan in 2023. For small and medium-sized enterprises (SMEs), the need is even greater, as cybercriminals have increasingly turned their attention to smaller organizations in recent years. This is evidenced by the fact that incidents targeting companies with fewer than 1,000 employees will increase by almost 200% by 2022.

Luckily for you, you're in good hands! EVOK has put together the ultimate checklist for solidifying your cybersecurity in 2023. To this end, our blog post will focus on risk areas and opportunities for improving the security of your operations.

Which threats jeopardize your cybersecurity?

Before we get to the checklist, it's important to understand what dangers you're facing. For SMEs in particular, here are some of the cybersecurity threats in 2023:

1. Ransomware. A type of malware that encrypts a victim's data and demands a "ransom" to restore access to files and the network.
2. Phishing. This is a type of social engineering. It aims to trick users into bypassing normal cybersecurity practices and disclosing sensitive data such as usernames and passwords, bank account information, social security numbers, credit card details, etc.
3. Incorrect firewall configuration or absence: There's no need to demonstrate the importance of the firewall to your cybersecurity in 2023. Correct configuration and maintenance of your firewall are essential to your network's security.
4. Your employees can be the weak link. Lack of investment in resources translates into a more lax environment. Most employees still use easy-to-guess passwords to access company accounts. Some are unable to spot the danger signs in attacks.

The checklist to solidify your cybersecurity in 2023

Define strict password policies

Strict criteria for employee passwords will prevent unwanted access. Try the following to establish and maintain strong password policies:

• Use multi-factor authentication (2FA) for enhanced account protection.
• Require organization-wide password changes on a regular basis, or when a data breach occurs.
• Prohibit employees from sharing their login details.
• Use password generators to guarantee password complexity.
• Use encrypted password managers to store passwords securely.
• Require employees to use different passwords for each account.

E-mail restrictions

Email is one of the most common points of entry for cybercriminals and malware. The first step is to choose the right e-mail hosting provider. If you're based in Switzerland, you should opt for an e-mail tool that's hosted entirely in Switzerland. If you are, for example, a municipality, a nursing home, a medical practice or a financial institution, you need to comply with the Swiss Data Protection Act (Art. 18 al. 1 LPrD). EVOK offers you Hosted Exchange® hosting, 100% Swiss and under Swiss law, with replication on a geo-cluster in our Fribourg and Lausanne datacenters.

And don't forget to use spam filters, message encryption and antivirus software to prevent threats from reaching their targets.

Multiple layers of protection

Also known as multi-security or defense-in-depth (DiD), the idea here is to adopt a layered approach to security with intentional redundancies - so that if one system fails, another immediately takes its place to prevent an attack. Maintaining multiple layers of protection includes the following:

• Use antivirus software and run scans after software updates.
• Install firewalls and intrusion protection systems on your network.
• Use a virtual private network (VPN) to secure your company's Internet traffic.
• Analyze all your company's data to detect suspicious behavior.

To find out more about network security, take a look at ourIT audit offer.

Founded in 2005, Palo Alto Networks has become a leader in cybersecurity thanks to its advanced network security solutions.

With the proliferation of increasingly sophisticated network threats (e.g. phishing, baiting...), companies are faced with an increasingly complex security environment. Computer attacks are becoming more frequent and more destructive, and it has become essential for companies to have state-of-the-art protection to secure their network. That's where Palo Alto Networks comes in. Its security solutions offer next-generation protection that goes beyond the capabilities of traditional firewalls. In fact, they are designed to offer complete visibility and control over network activities, detect potential threats in real time, and apply security policies to reinforce network security.

In this article, we'll explore the different reasons why companies can choose Palo Alto Networks, as well as the security solutions on offer and the benefits they offer for protecting corporate IT networks.

Palo Alto Networks services

Palo Alto Networks offers a comprehensive range of solutions for advanced protection and complete visibility of network activities for enhanced security. Here's an overview of the main solutions on offer:

1. Next-generation firewall: Palo Alto Networks is best known for its next-generation firewall, which offers advanced protection against network threats. Palo Alto Networks firewalls use a combination of advanced security techniques to identify and block threats, including signature detection, behavioral analysis, vulnerability detection and intrusion prevention.
2. Intrusion Prevention System (IPS): Palo Alto Networks also offers an Intrusion Prevention System (IPS) to detect and block network attacks before they can cause damage. IPS uses real-time analysis to identify threats, and security policies to prevent attacks.
3. Security for public and private clouds: With the growing adoption of cloud computing, cloud security has become a major concern for many companies. Palo Alto Networks offers a cloud security solution that protects enterprise data and applications in public and private clouds, providing complete visibility and control over network activities.
4. Endpoint security: Endpoint security has become a major concern for businesses, as employees increasingly work remotely and use personal devices to access corporate networks. Palo Alto Networks offers an endpoint security solution that protects laptops, smartphones and tablets against security threats.
5. Email security: Phishing and spam attacks are on the increase, and companies need state-of-the-art protection to safeguard their users against these threats. Palo Alto Networks offers an e-mail security solution that detects phishing and spam attacks, blocks unwanted e-mail and provides advanced protection against security threats.

Why choose Palo Alto Networks?

Our customers are not choosing Palo Alto Networks solutions by chance. In fact, they are looking to benefit from next-generation protection, greatly enhance their network security and protect their critical resources. In summary, we can cite the following reasons:

1. Next-generation protection: The company's firewalls offer advanced security for computer networks. They feature intrusion prevention, URL filtering, malware detection and application control for comprehensive protection against network threats.
2. Visibility and control: Palo Alto Networks products offer complete visibility and control over network activities in real time. Security management tools enable companies to detect potential threats, block attacks in real time, and enforce security policies to strengthen network security.
3. Scalability: Palo Alto Networks products are designed to adapt to changing business security needs. Security solutions can be easily extended to support business growth and diversification.
4. Continuous innovation: Palo Alto Networks continually invests in research and development to provide innovative, state-of-the-art security solutions. The company is also active in the IT security community, sharing its knowledge and contributing to the fight against network threats.

A field of IT that involves designing, building, deploying and maintaining cloud-based IT solutions, cloud engineering is not just a trend in 2023, but a reality. Put simply, this technology enables remote access to IT resources via the Internet, without having to store them locally on one's computer.

In this blog post, we're going to talk about the various advantages of cloud engineering and the many trends it will be adopting this year.

The benefits of cloud engineering in 2023

As you've probably guessed by now, cloud engineering is one of the key technologies of the 21st century, enabling businesses to benefit from the many advantages of cloud computing, such as cost reduction, flexibility and scalability of information resources:

1. Cost reduction: thanks to the cloud, companies can reduce the costs associated with purchasing, maintaining and upgrading on-premise IT infrastructures. They can also save on the energy costs associated with operating data centers.
2. Scalability: Cloud resources can be easily adapted to demand. This means that companies can increase or reduce their storage or data processing capacity according to their needs.
3. Remote access: In the wake of the pandemic and the shift to a hybrid mode of working (remote/office), the importance of the cloud has become all the more pronounced. It enables employees to work remotely from anywhere, at any time, accessing their applications and data via the Internet.
4. Security: Cloud providers generally have security measures in place to protect their customers' data and applications. Companies can therefore benefit from high levels of security without having to invest in costly security infrastructures.
5. Innovation: Cloud engineering enables companies to innovate faster, because they can easily test and deploy new applications without having to worry about the costs or constraints of setting up an on-premise IT infrastructure.
6. Availability: Cloud providers generally offer high levels of availability for their services, enabling businesses to benefit from 24/7 service continuity.

Cloud engineering: trends to watch in 2023

Cloud engineering is constantly evolving, adapting to the needs of businesses and consumers alike. In 2023, we foresee several important trends for IT professionals working in cloud engineering. Here they are:

1. Widespread adoption of Infrastructure as a Service (IaaS): IaaS enables companies to lease IT resources, such as servers, storage and networks, from cloud providers rather than buying and maintaining them themselves. This approach enables companies to reduce costs, gain flexibility and adapt quickly to fluctuations in demand.
2. The explosion of artificial intelligence (AI) in cloud engineering: AI is increasingly used in the cloud for applications such as data analysis, voice recognition and fraud detection. Cloud providers are offering AI services such as image and voice recognition engines, chatbots and advanced data analysis tools.
3. Growing adoption of multi-cloud: Companies are increasingly adopting a multi-cloud strategy, i.e. using several cloud providers for different tasks or applications. This enables them to benefit from the advantages of each provider, such as security, scalability or cost.
4. The growing use of containers: Containers are isolated runtime environments that enable developers to deploy applications more easily and quickly. Containers also enable companies to reduce costs and increase efficiency by using shared resources.
5. Security, security, security: Security is a major concern for companies using the cloud. Cloud providers are constantly working to improve the security of their services, but companies also need to take steps to protect their data and applications.

To sum up, cloud engineering remains a constantly evolving technology that offers many opportunities for IT professionals. By following current trends, companies can benefit from the flexibility, scalability and economic advantages offered by the cloud.

File sharing and corporate security: What you need to know

File sharing is an essential aspect of enterprise collaboration, enabling teams to work together efficiently and exchange information quickly. However, understanding the security implications of file sharing is crucial to protecting your company's sensitive data.

Table of contents

• 1. Assess the risks
• 2. Choose a secure file-sharing platform
• 3. Manage access rights
• 4. Encourage the use of strong passwords
• 5. Raise employee safety awareness
• 6. Make regular backups
• 7. Monitor file-sharing activity

1. Assess the risks :

Before choosing a file-sharing solution, assess the risks your company may face. Identify the types of sensitive data you'll be sharing, and assess the possible consequences in the event of a security breach. This will help you choose the right file-sharing solution for your needs.

2. Choose a secure file-sharing platform :

Choose a reputable, secure file-sharing platform. Look for features such as encryption of data in transit and at rest, granular access controls, security audits and malware protection measures. Also make sure the platform complies with current regulations, such as the RGPD.

3. Manage access rights :

Grant appropriate access rights to users to limit file visibility and modification. Implement authorization controls based on the roles and responsibilities of each user, so that only authorized people can access sensitive files.

4. Encourage the use of strong passwords:

Make it standard practice to create strong passwords for file-sharing accounts. Strong passwords should be a mix of letters, numbers and special characters, and it's a good idea to change them regularly. In addition, consider multi-factor authentication for enhanced security.

5. Raise employee safety awareness:

Security awareness is essential to protect shared files. Train your employees in security best practices, such as verifying recipients before sharing files, identifying phishing attempts and managing passwords securely. Encourage caution when sharing files outside the company network.

6. Make regular backups :

Don't forget to regularly back up important shared files. Backups enable data to be recovered in the event of loss, system failure or cyber-attack. Make sure your backups are stored securely, and test their restoration regularly.

7. Monitor file-sharing activity:

Set up a monitoring system to detect any suspicious or unauthorized activity linked to file sharing. Tools for monitoring activity logs and reports can help to quickly identify potential security breaches and take appropriate action.

Migrate safely to the cloud with our best practices

File sharing is a common business practice, but security should never be overlooked. By following these tips, you can minimize risks and protect your company's sensitive data when sharing files. Make sure you choose a secure platform, manage access rights, raise employee awareness and actively monitor file-sharing activities to keep your business information safe.

Open file sharing can be very useful for facilitating collaboration and communication between members of a company, especially for those working remotely or in dispersed teams. It enables quick and easy access to files, which can improve business efficiency and productivity. However, using cloud file-sharing services can pose data security risks. That's why it's important to put in place robust security measures to minimize the risks associated with open file sharing, particularly in terms of confidentiality and data protection.

In this article, we'll look at the risks of using open file sharing in the cloud, and the security measures you can put in place to avoid them.

The risks of open file sharing (cloud)

Open file sharing in the cloud can pose data security risks. Before implementing robust security policies, it is important to highlight these risks so that they can be better identified and addressed:

1. Unauthorized access to files :

One of the most common risks associated with open file sharing is unauthorized access to files. If files are not properly protected, anyone with the sharing link can access them. This could include outsiders, competitors or even hackers.

2. Data loss :

If files are poorly protected, they can easily be deleted or modified by unauthorized persons. This can lead to the loss of important company data, with disastrous consequences for operations.

3. Violation of privacy:

Open file sharing can also lead to a violation of privacy. If files contain personal or confidential information, unauthorized access can lead to privacy violations and legal problems.

4. Malware risk:

Open shared files may also contain malware or viruses, which can be inadvertently downloaded by users accessing these files. This can cause damage to company computers and networks.

5. Loss of data control:

By using open file-sharing services, companies can lose control of their data. Cloud providers can retain user data, and it's difficult for companies to guarantee that their data is secure and not shared with unauthorized third parties.

How can you limit the risks associated with open file sharing?

To minimize the risks associated with open file sharing in the cloud, companies need to implement robust security policies and use file management tools that offer access control and data protection features. Here's a closer look at what you need to do:

1. Limit access to files: The first security measure to take is to limit access to files to authorized persons. This can be done using access rights management tools, which allow administrators to define access permissions for each user.
2. Encrypt files: File encryption is another important security measure to protect sensitive data. Encryption prevents unauthorized third parties from reading or modifying files without the appropriate decryption key.
3. Use strong passwords: Companies should encourage their employees to use strong passwords to access files. Passwords should be long and complex, and users should be encouraged not to reuse the same passwords for multiple accounts.
4. Educate employees Companies need to make their employees aware of the risks associated with open file sharing in the cloud. Employees need to be trained in good security practices, such as checking sharing links before opening them, monitoring account activity and reporting suspicious activity.
5. Use additional security tools: Companies can use additional security tools such as antivirus software and firewalls to protect files against malware and external attacks.

In summary, to minimize the risks associated with open file sharing in the cloud, companies need to implement robust security measures such as limiting file access, encrypting files, using strong passwords, raising employee awareness and using additional security tools.