Cybersecurity measures | SwissSign
A data security specialist by Swiss Post

Overview of cybersecurity measures

According to the Federal Statistical Office, 33,345 digital offences were reported in 2022. This marks a significant increase compared to two years previously, when the figure stood at 24,398. The importance of adopting effective cybersecurity measures is therefore constantly growing. This article provides an overview of known methods and contains some interesting background knowledge.

Access controls

Access controls can be implemented to control and monitor which specific users have permission to access or use IT resources and data. Methods include the identification and authentication of users. This should ensure the following:

  • Integrity: Data cannot be changed without detection.

  • Confidentiality: Data can only be accessed by authorised users.

  • Availability: Data can be accessed when it is required.

In general, this measure is not only adopted in-house, but is also considered necessary to meet the requirements of the Swiss Federal Act on Data Protection (FADP) or the General Data Protection Regulation (GDPR). Various principles deemed relevant for the legally compliant processing of data are defined within this measure.

Access controls are often combined with:

  • Entry controls: Rules on physical entry into certain areas

  • Admission controls: Access to IT systems only for authorised persons or computers

Different models are used here. Access rights can be granted, for example, on an individual basis for each user (discretionary access control) or on the basis of user roles (role-based access control).
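The two models named above, side by side, as an added example that is not SwissSign's own code. All user, role and resource names are constructed sample data. Both checks deny by default, and the last two functions show how a job change is handled in each model.

```python
# Discretionary access control (DAC): rights are attached to each user
# individually, per resource. Names below are constructed sample data.
DAC_ACL = {
    "payroll.xlsx": {"anna": {"read", "write"}, "ben": {"read"}},
    "contracts/":   {"anna": {"read"}},
}

# Role-based access control (RBAC): rights are attached to roles,
# and users only hold roles.
ROLE_PERMS = {
    "hr_clerk": {("payroll.xlsx", "read"), ("payroll.xlsx", "write")},
    "auditor":  {("payroll.xlsx", "read"), ("contracts/", "read")},
}
USER_ROLES = {"anna": {"hr_clerk"}, "ben": {"auditor"}}


def dac_allowed(user, resource, action):
    """Default deny: allowed only if this user is listed for this resource."""
    return action in DAC_ACL.get(resource, {}).get(user, set())


def rbac_allowed(user, resource, action):
    """Default deny: allowed only if one of the user's roles grants it."""
    return any((resource, action) in ROLE_PERMS.get(role, set())
               for role in USER_ROLES.get(user, set()))


def dac_entries_for(user):
    """Under DAC, every one of these entries must be found and reviewed
    when the user changes job or leaves."""
    return sorted(res for res, acl in DAC_ACL.items() if user in acl)


def rbac_move(user, old_role, new_role):
    """Under RBAC, a job change is a single edit to the user's role set."""
    roles = USER_ROLES.setdefault(user, set())
    roles.discard(old_role)
    roles.add(new_role)
```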

Firewalls

Firewalls offer protection against unauthorised external access to internal computers or networks. They help prevent data loss, unauthorised access to sensitive data and infection by malware.

Certain security rules are defined at the outset. If these are violated, the firewall will filter or block communication.
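How such a rule set is typically evaluated, as an added example that is not taken from the original page or from any firewall product. The rule format, the addresses (documentation ranges) and the function names are assumptions made for illustration. Rules are checked top to bottom, the first match decides, and anything that matches no rule is blocked.

```python
import ipaddress

# Constructed rule set: (action, source net, destination net, protocol, dest port)
RULES = [
    ("allow", "0.0.0.0/0",       "192.0.2.10/32", "tcp", 443),  # public HTTPS
    ("allow", "198.51.100.0/24", "192.0.2.20/32", "tcp", 22),   # SSH from admin net
    ("block", "0.0.0.0/0",       "192.0.2.0/24",  "tcp", 22),   # all other SSH
]
DEFAULT_ACTION = "block"  # whatever is not explicitly allowed is dropped


def decide(src, dst, proto, dport, rules=RULES):
    """Return (action, index of the matching rule or None for the default)."""
    src_ip = ipaddress.ip_address(src)
    dst_ip = ipaddress.ip_address(dst)
    for idx, (action, src_net, dst_net, r_proto, r_port) in enumerate(rules):
        if (src_ip in ipaddress.ip_network(src_net)
                and dst_ip in ipaddress.ip_network(dst_net)
                and proto == r_proto
                and dport == r_port):
            return action, idx          # first match wins
    return DEFAULT_ACTION, None


# Constructed connection attempts: (source, destination, protocol, dest port)
ATTEMPTS = [
    ("203.0.113.5",  "192.0.2.10", "tcp", 443),   # visitor to the web server
    ("198.51.100.7", "192.0.2.20", "tcp", 22),    # admin SSH
    ("203.0.113.5",  "192.0.2.20", "tcp", 22),    # SSH from elsewhere
    ("203.0.113.5",  "192.0.2.10", "tcp", 3389),  # no rule for this port
]


def blocked(attempts, rules=RULES):
    """Attempts the rule set filters out, e.g. for writing to a log."""
    return [a for a in attempts if decide(*a, rules=rules)[0] == "block"]
```

Because the first match decides, rule order is part of the policy: with the same three rules in reverse order, the broad SSH block shadows the admin allow rule.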

Virus scanners/anti-virus programs

Companies install virus scanners to protect against malicious software such as trojans and spyware. They block and remove any detected malware. Real-time scanners are always active in the background. They constantly search for suspicious data in different programs, in data traffic or in the main memory. Manual scanners, meanwhile, start their work at pre-defined times or at the instigation of the user. Online scanners are often used as a complement to other anti-virus programs. They load the virus patterns used for checking via a network connection, which gives them access to information about current threats.

Cryptography

Cryptographic procedures safeguard the transmission and storage of information. They help guarantee one or more of the following objectives:

  • Only authorised parties can view data.

  • Data cannot be changed without detection.

  • Senders and recipients can be confirmed as the source or target of the data transfer. 

  • Authorship of a message can no longer be disputed after the event.

To achieve this, sensitive data is encrypted and/or digitally signed. These procedures are used, for example, during email encryption and signing via S/MIME certificates. Similarly, server certificates (often referred to as TLS or SSL certificates) protect the connection between the server and client by encrypting it and by identifying the server to the client.

SwissSign: certificate webshop

SSL certificates for server applications are available in our webshop in three validation levels, namely DV, OV and EV. You can also choose between single-domain, wildcard and multi-domain. Or you can order your S/MIME certificate with validation level DV today.

Further measures for increased cybersecurity

  • Find sensitive information: Inventory and classify data and systems. This way, you will know which information is considered sensitive and thus requires special protection.

  • Security tests: Perform regular security tests. These will help you detect any vulnerabilities before they can be exploited. Also, check existing emergency plans so that you can respond immediately if a serious incident occurs.

  • Training: Employees can be considered both a risk factor and an important element of security. Through targeted training sessions and awareness measures, you can reduce this risk and strengthen the “human firewall”.

  • Security systems and software: Make sure that you regularly inspect and update your security systems and software. In particular, security updates should be installed right away or, even better, fully automatically wherever possible.

  • Backup: Create a backup of all your data. This can help get business operations back up and running in the event of a total IT system failure or hack. Furthermore, you should store at least one monthly or quarterly backup in a separate physical location. This will prevent data losses if a disaster occurs (fire, water or similar) or the backup system is infected.

  • Separate Wi-Fi: Set up a separate Wi-Fi connection for external and private devices to prevent access to the company’s internal applications and data.

  • Secure passwords and multi-factor authentication: Define the password requirements for your systems. The following basic principle applies: long passwords (>12 characters) offer more security than regular password changes. Use multi-factor authentication where possible and consider the use of password managers and/or password-free authentication methods such as passkeys.

The zero-trust security concept

The basic idea of zero-trust is that nothing and nobody, whether inside or outside the organisation’s network, should be trusted. This applies to devices, users and services. All traffic is checked, logged and encrypted, access rights are strictly defined, and all users and services must authenticate themselves. Implementing this model is a considerable task, given the number and strictness of these measures. By doing so, however, you can minimise the risk from external threats and internal dangers.

What does working from home mean for IT security?

Employees working from home generally use their own Wi-Fi. This poses a risk for companies because they have no control over this aspect of security. This makes it all the more important to protect the connection to the company’s network: for example, by using a virtual private network (VPN). This allows data to be transferred with end-to-end encryption.

Private devices represent another risk. Where possible, these devices should not be used, or you should at least ensure that they are aligned with your company’s IT. It should also be made clear that all data must be stored in the company’s network and not locally on the employee’s private device.