How SMEs can protect their IT environment

Cyber criminals are becoming more and more sophisticated and security experts expect the threat situation to worsen this year. Here are tips and tricks on how companies can protect their IT infrastructure from Trojans, phishing and ransomware.

Table of Contents

• Phishing emails and the human factor
• Web Application Firewalls should be part of the standard inventory
• Regularly check your security concept for vulnerabilities and carry out updates

Security vulnerabilities can have devastating consequences for companies of all sizes. The consequences range from financial losses to criminal prosecution to long-term reputational damage. If companies don't start preparing for the next wave of threats immediately, 2021 could be just as rocky as last year in terms of cyber attacks and data theft. Familiar scams such as phishing, ransomware, Trojans and botnets are among the biggest cyber threats again this year. According to Cybercrime Magazine, ransomware attacks are expected to cause damages of up to 20 billion US dollars in 2021. 

Phishing emails and the human factor

Since the outbreak of the pandemic and the call to work from home, there has been an increase in phishing emails worldwide. Attackers have taken advantage of the fact that a large proportion of employees are not familiar enough with remote working applications. As the trend towards automation increases, these types of threats will continue to rise in 2021. Security experts always emphasise the human factor in this context: train your team to recognise fake emails, never give out passwords and report suspicious messages. Another impact of home office practices will be that more organisations will increasingly rely on the Internet of Things (IoT) to measure and monitor processes. Furthermore, as IoT proliferates and 5G is introduced, cyber-attackers will take advantage of the growing opportunity to compromise systems and networks as more devices become connected to the internet. Companies should therefore continue to isolate insecure IoT and 5G-enabled devices from the rest of their network.

Web Application Firewalls should be part of the standard inventory

In the case of web applications such as accounting programmes or CRM apps, application-specific vulnerabilities, so-called zero-day gaps, are among the biggest problems. Normally, several days pass between the disclosure of a vulnerability and the release of a bug fix. Most security experts agree that a web application firewall (WAF) should be part of the standard inventory of every IT environment nowadays. The WAF is dedicated to protecting web applications. All traffic to the web server first passes through the WAF, where the data traffic is checked for patterns. This enables the WAF to detect and block attacks. Among the preventable threats are, as mentioned, zero-day gaps, but also general patterns such as cross-site scripting (XSS) or SQL injections. However, WAF is often associated with high complexity, which prevents many SMEs from using it. But even an enterprise WAF can be configured and ready for use within a few minutes.

A major problem in connection with cyber security is data protection. Data is described as the most important currency of the digital world. It allows companies to deepen customer loyalty and increase market share. At the same time, hacker attacks and data thefts regularly make headlines. Swiss companies must guarantee the security of all stored personal data. Both employee and customer data must be protected in the best possible way. The Swiss Data Protection Act (DPA) provides for penal provisions in the event of intentional violations of the obligations to provide information, to report and to cooperate, as well as of the professional duty of confidentiality. The FADP revision is intended to create more transparency and strengthen the co-determination rights of data subjects. The draft revision leans heavily on the EU General Data Protection Regulation (GDPR). Companies with customers in the EU area are already subject to the GDPR today, although much higher fines than before are possible for the effective enforcement of data protection law since 2018.

Regularly check your security concept for vulnerabilities and carry out updates

In the IT security world, the combination of identity, data, network and device security is currently being pushed forward. Many companies have realized that standardized security programs no longer offer them sufficient protection against hacker attacks and data theft. In view of the threat situation, it is necessary to carry out a horizontal analysis of all security parameters. Companies should regularly check their security concept for possible weak points. Carry out all relevant security software updates and ensure that the latest version is always in use. 

When working with an IT infrastructure provider, the external partner usually takes care of the security of the IT environment. For IT service providers in particular, it is advisable not only to purchase servers or the IaaS packages from hyperscalers, which are often geared towards large companies, but to rely on a reliable cloud service provider. In addition to integrated security programmes, automatic recordings, continuous operation ("business continuity") and emergency planning are often included in the packages of cloud service providers. The infrastructure partner also takes responsibility for software and hardware and carries out regular patching of the systems. Patching again minimises security risks and ensures the best possible functioning of the systems. Our experts will be happy to answer any questions you may have on this topic.