Kyos is now member of the Center for Internet Security (CIS) SecureSuite, becoming the only swiss-based IT security service company to be member. This membership allows us access to multiple cybersecurity resources in order to benchmark our client cybersecurity defenses against CIS controls in particular through our following services : Kyos Security Insights, which contains add-ons to our managed services for SMB in order to review of our...

Securing, storing and managing encryption keys and digital identities in a high assurance can be critical.  Maintaining keys in hardware throughout their life-cycle is a best practice mandated by system security auditors and certification bodies responsible for attesting to the security status of cryptographic systems. The Thales Luna Backup HSM ensures your sensitive cryptographic material remains strongly protected in FIPS 140-2 Level 3...

During this period of confinement, the number of users of remote audio-visual collaboration tools has increased considerably. Security researchers are well aware of this and have increased their efforts in researching security issues related to these products. Microsoft Teams is no exception, with the article Beware of the GIF: Account Takeover Vulnerability in Microsoft Teams by CyberArk published on April 27...

With the availability of Microsoft Office 365 hosting in Switzerland, Microsoft has accelerated the use of Azure by Swiss organizations and companies. Indeed, by guaranteeing a local hosting of data, the obstacles linked to the respect of certain regulations or standards are reduced. In addition to Office 365, Exchange Online, SharePoint Online, OneDrive Enterprise and Teams are also available in Switzerland. In this way, Microsoft wants to...

Business Continuity Plan As governments are taking increasingly drastic measures to limit the spread of coronavirus, your company’s business continuity may be threatened. Kyos has already put in place a number of actions to ensure continuous service (see below), but can also assist you in the implementation of a remote working strategy. In the case of the Covid-19 the first threat is not to be able to access the company’s premises,...

Like most of our clients, we are increasingly using cloud services, which brings benefits as well as risks, especially in terms of data protection. Even though the migration to a hybrid cloud architecture is slow, it is happening faster than you might think. For example, our suppliers and partners are pushing us to use more and more cloud services. For example, we need to register opportunities related to identified client needs in partner...

The Swiss Cyber Security Days represent Switzerland‘s leading expertise in cyber security in an international environment. They bridge the knowledge gap between technology and the population and provide insights into current and future threats and innovative solutions for specialists and users. It’s the first Swiss platform to bring the following individuals together in one place over two days: Consultants System integrators Publishers...

The payShield 9000 will officially be withdrawn of the payShield 9000 family of hardware security modules, together with the associated software, accessories and services. In April 2019 the payShield 10K family launched the direct replacement for the payShield 9000 offering a seamless upgrade for existing Thales payment HSM customers. The last time to buy on hardware is 30th June 2020 and the end-of-life for support will be 31st December 2022....

Individual responsibility is one of the key factors in involving employees in the quality of service provided to customers, in line with our IT security mission. Usually, the responsibility in a company belongs to the management. When Kyos went from 20 to 40 employees, we had to set up a “middle management”, and applied the “good practices” of management. But over time we have been confronted with confusion about the...

Too much security kills security The subject of multi-factor authentication is a good illustration of the adage “Too much security kills security”. Security often tends to make the use of IT more complex for users. They then bypass or reduce security mechanisms in order to be more efficient in their work. This is the case, for example, with strong authentication to Windows Logon. Indeed, despite the awareness of users to use always...