Effective cybersecurity

The majority of cyber attacks originate from phishing e-mails. Phishing is becoming more and more difficult for employees to recognise – precisely because attackers use artificial intelligence to perfect cyber attacks. Improve security in your company with automatic phishing detection and automatic blocking of fraudulent target sites.

Cybercriminals infect systems with malware so that they can try to access your data and systems or encrypt your data (ransomware). We reduce this risk for you by detecting infected websites, downloads and e-mail attachments and blocking access to them. Irrespective of where and how employees access their e-mails and the Internet – whether in the office, at home or on the move, from a company laptop, a smartphone or even a private device.

Cybercriminals try to circumvent technical protective measures by deceiving employees using phishing or social engineering techniques. They make them divulge confidential information or download harmful programs. We can help you to raise awareness among your employees in order to prevent this from happening. With targeted training and regular phishing simulations, your employees will be trained to recognise attacks and respond correctly in an emergency.

For a long time, VPN connections were the only way of accessing a company network from anywhere outside the office. However, these are often too expensive for smaller companies, and they also allow access to all the data and systems on the network. This poses a security problem, especially if a third party gains access to the network. We can offer you extremely safe, high-performance and user friendly access to company data – from anywhere and on a Zero Trust basis. This ensures that employees and business partners are only able to access the company data and applications they are authorised to view – irrespective of where they access the data or systems from, and no matter whether the data and systems are held on your local server or in the cloud.

Unauthorised third parties repeatedly attempt to gain access to company data and applications using stolen login credentials. We can help you to make this more difficult for attackers. In order to access data and systems, users must first connect to our secure company network via a rigorous authentication process. Data and systems can only be accessed after this stage. Every access attempt is verified by means of various parameters such as place, time or device characteristics, so any attempt to access data from abroad or from a third-party device, for example, can be blocked.

Software or applications that have not been approved by a company’s IT department (shadow IT) constitute a significant security risk. Examples include applications such as Dropbox, Google Drive and ChatGPT. In addition to introducing potential security vulnerabilities, these systems can be the cause of data loss and data protection breaches. We offer you the option to block applications like these centrally within your company or to block uploads of sensitive information such as customer data.

We have comprehensive security measures in place to protect your data while it is stored in the Swisscom Cloud and prevent ransomware attacks aimed at encrypting your data. As an additional safeguard, regular, automated data backups minimise the risk of prolonged downtime after a cyber attack. Backup data can be restored and the IT system can be reinstated without any payment of ransom.

Our cloud solutions can support you in meeting legal and regulatory requirements (of FINMA and the Swiss Federal Act on Data Protection, for example). Modern security technologies, the option of data storage with Swiss jurisdiction, audit-compliant storage and continuous monitoring and logging of data activity can all help to make operating processes traceable. This assists companies in fulfilling accountability obligations and makes audits easier to pass.

You can significantly reduce your risk of downtime by replacing local servers with cloud services. Thanks to geo-redundant storage in multiple data centres, you will minimise interruptions caused by hardware failures, natural disasters and other faults occurring at any of your locations. In addition, you will benefit from a variety of security precautions offered by Swisscom as a cloud service provider. These include an uninterruptible power supply, access controls and hardware defect protection as well as regular updates and security configurations.

In order to make targeted investments in cybersecurity, you need to start with an overview of your situation. Our security experts can help you to identify security vulnerabilities in a structured, purposeful manner and determine what action is required. They can ensure you have a sound basis on which to develop and implement a successful IT security concept.

The longer a cyber attack remains undetected, the greater the potential damage. We can support your company by supplying comprehensive reports and automatic notifications about successful or attempted cyber attacks and provide you with user data for analysing each incident. This will facilitate rapid detection and analysis of cyber incidents, and can help you to fulfil any reporting and information obligations that you may have. By using artificial intelligence, we can also detect complex attacks and zero-day threats.

In the event of a cyber attack, you will be assisted by experienced security professionals who will investigate the compromised systems to identify the cybercriminals’ actions and assess the extent of the attack. This in-depth security check can be used to determine the required IT system clean-up and restoration activities and appropriate communications.