Why you don't have to entangle your company's IT system

The major challenge for companies today is to ensure that they can escape, if not to the fullness but to the maximum of the computer threats that await them.

Indeed, computer incidents due to computer attacks are multiplying. It is almost impossible to do a week without any reports of a computer attack here or there. This is the sad reality of today's digital world. That's why it's important to learn and train on methods to make more about your computer system on a daily basis.

This article will also interest you: Business and IT Security: a matter of spending as well as protection

"A lot has of course changed in two decades. A key aspect is the widespread use of cloud computing, more commonly known as the "cloud," for both storage and data access. This has had a huge impact on how cybersecurity issues need to be addressed. In the early 2000s, the idea was to create a kind of wall around the company. In 2021, the approach is very different: data can be accessed from the company as well as at the employee's home or on the go. The data is therefore partly stored on the company's servers, partly on the cloud or sometimes on the employees' personal computers. explains Fabien Jacquier, co-founder of Kyos, a company specializing in attic form and advisory. "As a corollary, this flexibility also drastically increases the "attack surface" that can potentially be exploited by hackers. We must be all the more vigilant given that they are now acting in a much more sophisticated way than in the past: hackers are no longer isolated people behind their computers but they are increasingly networking; they are real organizations. Grégory Roux, one of Kyos' associates, added.

Faced with the proliferation of computer attacks, the political and legal demands of states, and the increase in data leaks, one wonders whether it is possible today for a company to protect itself from intrusions. But according to the co-founder of Kyos, the approach is poorly understood. "Rather than trying to protect the entire IT environment of the company, one of the solutions is to secure the data itself. To use an image: we used to try to place some kind of fence all around the company. Now we know that the fence is open – we'll focus on controlling its access depending on where it is located, via encryption and authorisation solutions. ».

So what about the proliferation of means of communication. Today messaging services are legion. With the adoption of telework as a standard model of professional collaboration due to the coronavirus pandemic, solutions have rapidly developed to become literally established. What about the security part of all this? To this question, Grégory Roux replies: "We come back to the question of what we are going to secure. Should the channels through which this data is distributed and accessed be secured, or should the data themselves be secured? Today, the trend is more in the direction of securing the data itself. ».

So what are the areas that we can call sensitive in this computer world?

"Law firms have always placed a lot of importance on this aspect, but so have administrations, international organizations and, of course, companies active in finance or industry. Historically, it was the banks that had the largest security budgets — in the meantime, they were caught up with others. Within the banking sector, private banks also devote more resources to it than retail banks. Fabien Jacquier explains.

Despite all that could be presented as disadvantages in the digital sector, the fact remains that we are witnessing the rise of fintech especially smartphone banks. Are these economic models viable in the face of these growing threats?

"I would say that all financial companies have taken the lead in cybersecurity – both the most advanced new players in digital technology and the more traditional banking institutions, such as PostFinance. PostFinance now offers both mobile banking services and certified payment systems such as Twint. Although some traditional establishments are currently a little "challenged" by fintech companies, the essential points to be protected remain the same: it is above all to ensure the security of financial transactions. Unlike other sectors, the challenge is not only to protect the data in general but also to ensure that the financial transaction is carried out properly. Various risks should be avoided: a transaction can be diverted to a third party, the amount may be changed. For all these reasons, transaction data must be protected using encryption techniques. Fabien Jacquier points out.

Now access an unlimited number of passwords: