Cyber-attacks, data theft or unauthorized network access can cause costs in the millions, criminal prosecutions and irreparable reputational damage. Companies must therefore protect their IT environments as best as possible. When working with an external IT partner, IT security and data protection should also be given the high priority they deserve.
Sophisticated phishing and ransomware attacks, fileless attacks and hacked process flows: cyber criminals are becoming increasingly sophisticated. If companies don't start preparing for the next wave of threats immediately, 2021 could be rocky in terms of cyber attacks and data theft. According to Cybercrime Magazine , ransomware attacks are expected to cause up to $20 billion in damages in 2021 alone. As cyber criminals continue to evolve their attack strategies, organizations must adapt their approaches to cybersecurity and data protection as well. Standardized antivirus software is often no longer enough to combat today's cyber threats. Enterprises need to protect all their workloads, data and applications across multiple domains.
When working with an IT infrastructure provider, the external partner usually takes care of the security of the IT environment. With a cloud-based infrastructure located in Swiss data centers, you no longer have to worry about cyber security and protection against hacker attacks. In addition to integrated security programs, automatic recording, continuous operation ("business continuity") and emergency planning are often included in the packages of cloud service providers. The external partner also assumes responsibility for software and hardware and performs regular patching of the systems, which minimizes security risks and ensures the best possible functioning of the systems.
_____
How SMEs can protect their IT environment in 2021
Xelon's IT security experts have compiled tips on how companies can protect their IT infrastructure from cyberattacks and data theft in 2021 in this blog post
_____
The company location plays an important role in the choice of the appropriate IaaS provider. In times of data leaks and hacker attacks, most companies and their end customers probably want to know where their data is stored. Most hyperscalers such as Amazon or Microsoft are headquartered in the USA, where access to corporate data is practiced without judicial control by means of the Patriot Act. In Switzerland, however, this is not permitted. According to the Swiss Data Protection and Publicity Commissioner, data protection should ensure that proportionality is observed in all cases. This means that only as much personal data as necessary and as little personal data as possible is collected and processed, and that the person concerned has the opportunity to control and, if necessary, prevent the processing of data about himself as far as possible.
Companies must guarantee the security of all stored personal data. Both employee and customer data must be protected as best as possible. If this data is accidentally or intentionally compromised and it emerges after the cyber attack or data leak that the company concerned had not taken appropriate security measures, it may face fines and sanctions. The Swiss Data Protection Act (DPA) provides for penal provisions in the event of intentional breaches of the obligations to provide information, to report and to cooperate, as well as of the professional duty of confidentiality. The DPA is currently being revised. The revision is intended to create more transparency and strengthen the rights of co-determination of data subjects. The draft revision is strongly based on the EU General Data Protection Regulation (GDPR). Companies with customers in the EU area are already subject to the GDPR, although much higher fines than before are possible for effective enforcement of data protection law since 2018. Local providers comply with Swiss data protection laws and can thus guarantee the highest data security standards.