Blog — Data Recovery and Cybersecurity

Shadow IT and Shadow AI: The Invisible Risks Threatening Your SME

Shadow IT refers to the unauthorized use of digital tools within a company — and its variant, Shadow AI, is now one of the main sources of data leaks for Swiss SMEs. Every time an employee copies customer data into ChatGPT or stores files on their personal Dropbox, your sensitive data escapes all control. Discover the concrete risks associated with the revised Federal Act on Data Protection (nLPD) and the American Cloud Act, and the sovereign solutions to regain control without hindering the productivity of your teams.

Complete Shadow IT / Shadow AI guide for Swiss SMEs: nLPD risks, Cloud Act, sovereign solutions (Euria, kDrive, Proton Drive, SwissTransfer) and practical governance.

Daily Digital Hygiene: 7 Essential Practices for Every Employee

Digital hygiene refers to the daily habits that protect a company from cyber threats—without requiring technical training. Here are the 7 essential practices that every employee in a Swiss SME can adopt today to significantly reduce the risk of cybersecurity incidents.

Swiss SME Cybersecurity: 2025 Summary & 30/60/90-Day Action Plan for 2026

The guide that transforms cybersecurity into 9 concrete actions for Swiss SMEs 10-250, with a 30/60/90-day plan adapted for both managers and IT teams (two reading paths).

Why Swiss SMEs Need to Enable Automatic Updates

Automatic updates are the simplest and most effective cybersecurity measure to protect your Swiss SME: a one-time setup of just a few minutes is enough to block cyberattacks that exploit known vulnerabilities. According to the National Cyber Security Centre (NCSC), 60% of cyber incidents affecting Swiss SMEs exploit unpatched software flaws. Discover how to configure this essential protection without disrupting your daily operations, with solutions tailored to the realities of Swiss SMEs and the requirements of the revised Federal Act on Data Protection (nLPD).

BYOD in Business: How to Protect Your SME When Employees Use Personal Devices

BYOD (Bring Your Own Device) refers to the practice of employees using their personal smartphones, tablets, and computers for professional purposes. According to the Allianz Risk Barometer 2024, cyber incidents are the number one risk for businesses, and unregulated BYOD is a major vector.

For Swiss SMEs, the concrete consequences of an inadequate BYOD policy include: customer data leaks, violations of the nLPD (new Federal Data Protection Act, in force since September 2023), rebound cyberattacks, and business interruptions.

This practical guide explains how to effectively manage BYOD with five accessible measures: define a clear policy, protect devices, separate professional and personal data, control access, educate your teams, and plan for emergencies. Concrete advice, without technical jargon, to protect your business without overcomplicating things.

Key Takeaways

• Unregulated BYOD is a major vector of cyber incidents for SMEs
• A written BYOD policy reduces the risk of data breaches by 60% (Ponemon Institute, 2023)
• The nLPD imposes strict obligations in the event of personal data leaks
• Swiss solutions (Infomaniak, Proton) ensure data sovereignty
• Implementing two-factor authentication (2FA) blocks 99.9% of automated account attacks (Microsoft, 2023)