Blog — Data Recovery and Cybersecurity

Technical analyses, prevention tips and data recovery news from the experts at SOS Data Recovery, Swiss laboratory since 2006.

Daily Digital Hygiene: 7 Essential Practices for Every Employee in a Swiss SME

  • January 23, 2026
  • Author : Peter Senn

Key Takeaways

  • 1 in 6 Swiss SMEs (16%) has experienced at least one cyberattack in the last five years (AXA, 2025)
  • 70% of phishing-related breaches target SMEs, not large enterprises (Verizon DBIR, 2025)
  • 94% of passwords are reused or duplicated across multiple accounts (CyberNews, 2025)
  • 32% of ransomware attacks start by exploiting unpatched software (ExpertInsights, 2025)
  • The 7 practices presented here require no technical skills
  • Swiss nLPD: obligation to notify the FDPIC as soon as possible of a personal-data breach that is likely to result in a high risk for the persons concerned (art. 24)

Digital hygiene refers to the daily behaviors that enable each employee to reduce the risk of cyberattacks and data breaches, without specific IT skills. In Switzerland, 1 in 6 SMEs (16%) has experienced at least one cyberattack in the last five years — this figure rises to 35% for companies with 50 to 250 employees (AXA, 2025). Seven simple practices — locking your session, checking suspicious emails, using strong passwords, keeping your software up to date, cleaning your downloads folder, logging out of online services, and regularly backing up your data — are enough to build an effective collective defense. These reflexes, integrated into each employee's routine, constitute the first line of defense for any Swiss SME.

« A single act of negligence, a single click on the wrong link, and the entire organization can be paralyzed by a cybersecurity incident. »

1 in 6 Swiss SMEs has experienced at least one cyberattack in the last five years. For companies with 50 to 250 employees, this figure rises to 35%.
[AXA — SME Employment Market Study 2025]

Practice 1 — Systematically Lock Your Session When You Step Away

Definition: Session Locking. Session locking is a workstation access-control measure that requires the user to authenticate again as soon as they step away, so that nobody else can use the open documents, applications, and signed-in accounts in the meantime.

Shortcuts to Know

System | Shortcut | Effect
Windows | Windows + L | Locks immediately
macOS | Command + Control + Q | Locks immediately
Linux (GNOME) | Super + L | Locks immediately

The shortcut only protects you when you remember to use it. Also enable an automatic lock after a few minutes of inactivity (in the operating system's lock-screen settings, or centrally through policy), so that a forgotten lock is caught.

Risks of an Unlocked Session

A workstation left unattended — even for 30 seconds — exposes the organization to: access to professional emails, consultation of confidential documents, installation of malware via USB drive, and digital identity theft on internal systems. This practice is particularly critical in shared spaces: open-plan offices, meeting rooms, coworking spaces.

Practice 2 — Verify the Sender Before Opening an Email or Attachment

Definition: Phishing. Phishing is a social engineering attack in which an attacker impersonates a trusted entity (bank, supplier, management) to induce the victim to disclose credentials, click on a malicious link, or make a fraudulent transfer.

35% increase in CEO fraud reports in Switzerland in 2025 (970 cases, compared to 719 in 2024). 82% of phishing campaigns are now generated by AI, so the spelling mistakes and clumsy wording that used to give them away can no longer be relied on.
[FCSO, Annual Report 2025]

Verification Table for a Suspicious Email

Warning sign | How to verify
Unknown or unusual sender | Click on the display name to see the full address; the display name is free text chosen by the sender and proves nothing
Slightly modified domain | Ex. bexxo-ch.com instead of bexxo.ch → report
Link in the body of the message | Hover without clicking and compare the real URL with the text shown; the two can differ completely
Unexpected attachment | Call the sender on a number you already have, never on a number given in the email
Urgency or time pressure | Strong indicator of a scam → verify before acting
Request for a transfer or credentials | Confirm through a second channel and have a second person approve (four-eyes rule) before any payment or password is given

Recommended tool: Bexxo's PhishTrainer — realistic phishing attack simulations to train teams to detect these messages before clicking.
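The three checks from the table that can be automated (display name vs. real address, look-alike domain, link text vs. real link target) are easy to script. The example below is added here as an illustration and is not Bexxo's PhishTrainer nor any code from the original article; the allowlist of trusted domains and the sample email are constructed for the demonstration, and the "registrable domain" logic is a deliberate simplification (it takes the last two labels instead of consulting the Public Suffix List).

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Hypothetical allowlist: the domains this SME really exchanges mail with.
TRUSTED_DOMAINS = {"bexxo.ch", "sosdatarecovery.ch"}

# Constructed sample message (not a real mail): look-alike sender domain plus a
# link whose visible text differs from the address it really opens.
SAMPLE_EMAIL = """\
From: "Bexxo Support" <support@bexxo-ch.com>
To: employee@example.ch
Subject: URGENT: your account will be closed today
Content-Type: text/html

<html><body>
<p>Validate your account now: <a href="https://bexxo.ch.login-verify.com/reset">https://bexxo.ch/reset</a></p>
<p>Questions? Visit <a href="https://bexxo.ch/help">our help center</a>.</p>
</body></html>
"""


def registrable_domain(host: str) -> str:
    """Last two labels of a host, e.g. mail.bexxo.ch -> bexxo.ch (simplification:
    a production checker would use the Public Suffix List for suffixes like .co.uk)."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def levenshtein(a: str, b: str) -> int:
    """Edit distance, to catch one-character substitutions such as bexx0.ch."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def looks_like(host: str, trusted=TRUSTED_DOMAINS):
    """Return the trusted domain that `host` imitates, or None when the host is
    genuinely trusted or unrelated to every trusted name."""
    host = host.lower()
    dom = registrable_domain(host)
    if dom in trusted:
        return None
    name = dom.split(".")[0]                       # "bexxo-ch" for bexxo-ch.com
    squeezed = re.sub(r"[^a-z0-9]", "", name)      # "bexxoch"
    for t in sorted(trusted):
        tname = t.split(".")[0]
        if (t in host                              # bexxo.ch.login-verify.com
                or tname in squeezed               # bexxo-ch.com, bexxoch.com
                or levenshtein(tname, name) <= 2): # bexx0.ch, bexxxo.ch
            return t
    return None


class LinkCollector(HTMLParser):
    """Collects (href, visible text) pairs: what the mail opens vs. what it shows."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


URL_LIKE = re.compile(r"^(https?://)?[\w.-]+\.[a-z]{2,}(/\S*)?$", re.I)


def analyze_email(raw: str) -> list:
    """Run the automatable checks from the table over one raw message."""
    msg = message_from_string(raw)
    findings = []
    _display_name, addr = parseaddr(msg.get("From", ""))   # display name is untrusted free text
    sender_host = addr.rsplit("@", 1)[-1] if "@" in addr else ""
    imitated = looks_like(sender_host) if sender_host else None
    if imitated:
        findings.append(f"sender {addr} is on {registrable_domain(sender_host)}, which imitates {imitated}")
    collector = LinkCollector()
    collector.feed(msg.get_payload())
    for href, text in collector.links:
        href_host = urlparse(href).hostname or ""
        if URL_LIKE.match(text):                              # the visible text is itself a URL
            shown = text if text.lower().startswith("http") else "http://" + text
            shown_host = urlparse(shown).hostname or ""
            if registrable_domain(shown_host) != registrable_domain(href_host):
                findings.append(f"link text shows {shown_host} but points to {href_host}")
        imitated = looks_like(href_host) if href_host else None
        if imitated:
            findings.append(f"link {href} is on {registrable_domain(href_host)}, which imitates {imitated}")
    return findings


if __name__ == "__main__":
    for finding in analyze_email(SAMPLE_EMAIL):
        print("WARNING:", finding)
```

Run against the constructed message, the script reports the look-alike sender domain, the link whose text shows bexxo.ch but opens login-verify.com, and the same link's use of the trusted name as a decoy prefix; the legitimate help-center link produces nothing. The look-alike test is deliberately generous (substring or two edits away from a trusted name), which is the right trade-off for a warning shown to a user, not for automatic blocking.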

Practice 3 — Use Strong and Unique Passwords

Definition: Password Manager. A password manager is an application that generates, stores, and automatically fills in complex and unique passwords for each service, protected by a single master password and, ideally, by two-factor authentication (2FA).
 
94% of passwords are reused or duplicated across multiple accounts. Only 3% comply with NIST recommendations. Stolen credentials sell for an average of 10 USD on criminal marketplaces.
[CyberNews, analysis of 19 billion passwords, 2025 — Verizon DBIR 2025]
 
Bad practice | Risk | Good practice
Same password everywhere | 1 breach = all accounts compromised | 1 unique password per service
Short password (under 12 characters) | Crackable offline in hours once the password hash leaks | 20+ randomly generated characters
Memorable passwords | Guessable from personal information and dictionary lists | Let the password manager generate and remember them
No 2FA | Stolen credentials = direct access | 2FA on all critical accounts
 
Definition: Two-Factor Authentication (2FA / MFA). Two-factor authentication is a security method requiring two distinct proofs of identity before granting access: typically a password (what you know) and a temporary code generated by an authenticator application or a hardware security key (what you have). Codes sent by SMS count as a second factor but are the weakest option, since a phone number can be hijacked.

Recommended solution for Swiss SMEs: Proton Pass — Swiss password manager, end-to-end encryption, 2FA integration included.

Resource: Complete Password Security Guide
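To make the "20+ random characters" and "temporary code generated by an application" advice concrete, the following added example (written for this page, not taken from Proton Pass or any product mentioned above) generates a password from the operating system's cryptographic random source and implements the time-based one-time password algorithm (RFC 6238) that authenticator apps use. The secret is the published RFC 6238 test secret, so the codes it produces can be checked against the RFC's own table; the 75-character alphabet is an assumption about what most services accept.

```python
import base64
import hashlib
import hmac
import math
import secrets
import string
import struct
import time

# 75 symbols: letters, digits and a punctuation set most services accept (assumption).
ALPHABET = string.ascii_letters + string.digits + "!#$%&*+-=?@^_"


def generate_password(length: int = 20) -> str:
    """Uniformly random password from the OS CSPRNG (secrets), never from random.choice."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def entropy_bits(length: int, alphabet_size: int = len(ALPHABET)) -> float:
    """Guessing entropy of a uniformly random password: length * log2(alphabet size)."""
    return length * math.log2(alphabet_size)


def totp(secret_b32: str, at: float, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP with HMAC-SHA1, the variant Google-Authenticator-style apps use.
    `at` is a Unix timestamp; the code changes every `step` seconds."""
    secret = secret_b32.strip().replace(" ", "").upper()
    key = base64.b32decode(secret + "=" * (-len(secret) % 8))
    counter = int(at // step)
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                                   # dynamic truncation (RFC 4226)
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return f"{code % 10 ** digits:0{digits}d}"


def verify_totp(secret_b32: str, code: str, at: float, step: int = 30, window: int = 1) -> bool:
    """Accept the current code and `window` steps either side to tolerate clock drift.
    Comparison is constant-time so an attacker cannot measure how many digits matched."""
    return any(
        hmac.compare_digest(totp(secret_b32, at + i * step, step), code)
        for i in range(-window, window + 1)
    )


# RFC 6238 Appendix B test secret: the ASCII string "12345678901234567890", base32-encoded.
RFC6238_SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"

if __name__ == "__main__":
    pw = generate_password()
    print(f"generated {len(pw)}-character password, about {entropy_bits(len(pw)):.0f} bits of entropy")
    print("TOTP for the RFC test secret right now:", totp(RFC6238_SECRET, time.time()))
```

Two things worth noticing: a 20-character password from this alphabet carries roughly 125 bits of entropy, far beyond what offline cracking can reach, which is why length and randomness matter more than memorability; and a TOTP code is only as secret as the base32 seed, so the seed belongs in the password manager or authenticator app, not in a screenshot or an email.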

Practice 4 — Regularly Update Your Tools and Applications

Definition: Security Patch. A security patch is a software update that addresses an identified vulnerability, eliminating a flaw that attackers could otherwise exploit to gain access.
 
21,500 CVEs (publicly known vulnerabilities) disclosed in H1 2025, a record. 32% of ransomware attacks exploit unpatched software. Vulnerability exploitation accounted for 20% of breaches in 2025, up 34% in one year.
[Recorded Future H1 2025 — ExpertInsights — Verizon DBIR 2025]
 
« A single unpatched computer connected to the network can serve as an entry point to infect an entire SME's infrastructure with ransomware. »

 

System | How to activate | Recommended frequency
Windows | Settings → Windows Update (automatic by default; make sure updates are not paused) | Install as soon as they are offered, then restart
macOS | System Settings → General → Software Update → Automatic updates | Install as soon as they are offered, then restart
Mobile applications | App Store / Google Play → automatic updates | As released; check weekly that automatic updates are still enabled
Web browsers | Enabled by default in Chrome, Firefox, Edge | Continuous; an update is only active once the browser has been restarted

Resource: Automatic Updates for Swiss SMEs

Practice 5 — Regularly Clean Your Downloads Folder

Definition: Data Minimization (nLPD, art. 6). Data minimization is a principle enshrined in the Swiss nLPD according to which only strictly necessary data should be collected, processed, and retained, and deleted as soon as it is no longer useful.

The downloads folder is one of the least controlled places on a professional computer. Contracts, invoices, email attachments, and installation files accumulate there outside the managed file shares, usually unencrypted and often outside the scope of backups, and an old installer left lying around is a ready-made way to re-run outdated or trojanised software. A weekly cleanup reduces the attack surface and contributes to nLPD compliance.

Resource: AMF and nLPD Guide for Swiss SMEs
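A weekly cleanup is easier to keep up when it is a script with a clear policy rather than a manual chore. The example below is added for this page and is not a tool from the original article; it treats installers and scripts (deleted after a day, since they are rarely needed once run) differently from documents (moved to an archive folder after a week, so nothing is lost irrecoverably), and the `demo()` function exercises it on a constructed Downloads folder in a temporary directory. The suffix list and age thresholds are assumptions to adapt to your environment.

```python
import os
import shutil
import tempfile
import time
from pathlib import Path

# Assumption: installers and scripts are an attack surface and rarely needed once run.
INSTALLER_SUFFIXES = {".exe", ".msi", ".dmg", ".pkg", ".bat", ".ps1", ".sh", ".jar", ".iso"}
DAY = 86400


def plan_cleanup(downloads: Path, now: float, doc_age_days: int = 7, installer_age_days: int = 1) -> dict:
    """Sort files into delete / archive / keep without touching anything (dry run).
    Installers older than `installer_age_days` are deleted; documents older than
    `doc_age_days` are moved out of Downloads into an archive; the rest stays."""
    plan = {"delete": [], "archive": [], "keep": []}
    for path in sorted(p for p in downloads.iterdir() if p.is_file()):
        age_days = (now - path.stat().st_mtime) / DAY
        if path.suffix.lower() in INSTALLER_SUFFIXES and age_days >= installer_age_days:
            plan["delete"].append(path)
        elif age_days >= doc_age_days:
            plan["archive"].append(path)
        else:
            plan["keep"].append(path)
    return plan


def apply_cleanup(plan: dict, archive_dir: Path) -> dict:
    """Execute a plan from plan_cleanup(); returns counts so the run can be logged."""
    archive_dir.mkdir(parents=True, exist_ok=True)
    for path in plan["delete"]:
        path.unlink()
    for path in plan["archive"]:
        shutil.move(str(path), str(archive_dir / path.name))
    return {"deleted": len(plan["delete"]), "archived": len(plan["archive"]), "kept": len(plan["keep"])}


def demo() -> dict:
    """Self-contained run on a constructed Downloads folder inside a temp directory."""
    now = time.time()
    with tempfile.TemporaryDirectory() as tmp:
        downloads, archive = Path(tmp) / "Downloads", Path(tmp) / "Archive"
        downloads.mkdir()
        # Constructed sample files: name -> age in days.
        samples = {"invoice-2025.pdf": 10, "setup-vpnclient.exe": 2,
                   "draft-contract.docx": 0, "today-tool.msi": 0}
        for name, age in samples.items():
            f = downloads / name
            f.write_bytes(b"constructed sample content")
            os.utime(f, (now - age * DAY, now - age * DAY))   # back-date the file
        plan = plan_cleanup(downloads, now)
        counts = apply_cleanup(plan, archive)
        return {
            "plan": {k: [p.name for p in v] for k, v in plan.items()},
            "counts": counts,
            "left_in_downloads": sorted(p.name for p in downloads.iterdir()),
            "archived": sorted(p.name for p in archive.iterdir()),
        }


if __name__ == "__main__":
    # Dry run on your real folder: print the plan, apply it only once you agree with it.
    real = Path.home() / "Downloads"
    if real.is_dir():
        for bucket, paths in plan_cleanup(real, time.time()).items():
            print(bucket, [p.name for p in paths])
```

Running the script as-is only prints what it would do with your real Downloads folder; the destructive step is a separate call you make deliberately. Keeping the plan and the action apart is the safeguard that turns a cleanup script into something you can schedule weekly without fear.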

Practice 6 — Log Out of Online Services After Use

Explicit logout — and not just closing the tab — is an often-neglected measure. An account that remains logged in remains accessible to anyone who accesses the device or intercepts the session.

Context | Risk if not logged out | Recommended action
Shared computer (office, training) | Direct access by the next user | Mandatory logout before leaving
Public Wi-Fi (café, hotel) | Session hijacking | VPN + systematic logout
Lost or stolen device | Access to all open services | Remote revocation of active sessions (the "sign out of all devices" function in the account's security settings) and a password change
Banking or payment service | Fraudulent transfer | Immediate logout after each operation
Absolute rule: never check "Stay logged in" on a shared computer, a loaner device, or an unsecured network. This box is a permanent invitation for anyone who subsequently accesses the device.

Practice 7 — Regularly Back Up Your Work and Verify Backups

Definition: 3-2-1 Backup Rule. The 3-2-1 rule is a backup strategy recommending keeping 3 copies of the data on 2 different media, including 1 offsite copy, so that data can be recovered after ransomware, a disaster, or a hardware failure. The offsite copy should be offline or immutable (not a permanently mounted drive or a synced folder); otherwise ransomware that reaches the network encrypts the backup along with the originals.
 
Incident | Without backup | With 3-2-1 rule
Ransomware | Total loss or ransom | Restoration from the unencrypted copy
Hardware failure | Loss of workstation data | Restoration from the secondary medium
Disaster (fire, flood) | Total loss if everything is on-site | Restoration from the offsite copy
Accidental deletion | Irrecoverable | Restoration from the previous version

Recommended Solutions for Swiss SMEs

  • Microsoft 365 / Google Workspace: versioning and retention of emails and documents, which helps against accidental deletion, but this is synchronisation rather than an independent backup (an encrypted or deleted file is synced too, and recovery depends on the retention window), so keep a separate copy as well
  • kDrive by Infomaniak — triple replication in two Swiss datacenters (Geneva), nLPD compliant
  • Swiss Backup by Infomaniak — cloud backup, servers exclusively in Switzerland, guaranteed nLPD compliance
Important: an untested backup is a backup whose integrity cannot be guaranteed. Test the restoration at least once per quarter.

Resource: Backup Security Plan
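"Test the restoration" is vague until you say what a successful test looks like. The added example below (written for this page, not part of the article or of any backup product named above) records a SHA-256 manifest of the source at backup time and then checks a restored copy against it, reporting missing, corrupted, and unexpected files; this catches silent corruption and a backup that ransomware has re-encrypted, which simply opening a few files would not. The `demo()` function builds a constructed source tree in a temporary directory, restores it cleanly, and then breaks the restore in two ways to show what the report looks like.

```python
import hashlib
import json
import shutil
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Stream the file so multi-gigabyte backups do not have to fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: Path) -> dict:
    """Relative path -> SHA-256 for every file under root. Write it next to the
    backup at backup time and keep a second copy elsewhere."""
    return {str(p.relative_to(root)).replace("\\", "/"): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def verify_restore(manifest: dict, restored: Path) -> list:
    """Compare a restored tree against the manifest. An empty list means the
    restore is complete and byte-for-byte identical to what was backed up."""
    problems = []
    for rel, digest in manifest.items():
        target = restored / rel
        if not target.is_file():
            problems.append(f"missing: {rel}")
        elif sha256_file(target) != digest:
            problems.append(f"corrupted: {rel}")
    present = {str(p.relative_to(restored)).replace("\\", "/")
               for p in restored.rglob("*") if p.is_file()}
    for rel in sorted(present - manifest.keys()):
        problems.append(f"unexpected: {rel}")
    return problems


def demo() -> dict:
    """Constructed scenario: back up, restore cleanly, then simulate two failure modes."""
    with tempfile.TemporaryDirectory() as tmp:
        src, backup, restore = Path(tmp) / "src", Path(tmp) / "backup", Path(tmp) / "restore"
        (src / "clients").mkdir(parents=True)
        (src / "clients" / "contract.pdf").write_bytes(b"constructed contract")
        (src / "invoices.xlsx").write_bytes(b"constructed spreadsheet")
        manifest = build_manifest(src)
        shutil.copytree(src, backup)
        (backup / "manifest.json").write_text(json.dumps(manifest))   # travels with the backup
        shutil.copytree(backup, restore)                              # the quarterly restore test
        restored_manifest = json.loads((restore / "manifest.json").read_text())
        (restore / "manifest.json").unlink()
        clean = verify_restore(restored_manifest, restore)
        # Failure mode 1: silent corruption, or ransomware that re-encrypted the copy.
        (restore / "invoices.xlsx").write_bytes(b"\x00garbage")
        # Failure mode 2: a file that never made it into the restore.
        (restore / "clients" / "contract.pdf").unlink()
        broken = verify_restore(restored_manifest, restore)
        return {"files": len(manifest), "clean": clean, "broken": broken}


if __name__ == "__main__":
    result = demo()
    print("clean restore problems:", result["clean"])
    print("broken restore problems:", result["broken"])
```

The manifest is small enough to store in a second location (a ticket, a password manager note), which matters: if the only copy of the manifest sits inside the backup, an attacker who can tamper with the backup can tamper with the manifest too.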

Checklist of 7 Practices to Display in Your Offices

  • Lock your session as soon as you step away (Win+L / Cmd+Ctrl+Q)
  • Verify the full sender address before any click
  • A unique password per service + 2FA enabled
  • Install updates without delay
  • Empty the downloads folder every week
  • Log out of sensitive services after each use
  • Back up according to the 3-2-1 rule and test the restoration

Frequently Asked Questions — Digital Hygiene for Swiss SMEs

What is digital hygiene?

Digital hygiene is the set of daily practices that enable each user to reduce the risks of cyberattacks and data breaches, without specific IT skills. It is based on seven simple practices — session locking, email verification, strong passwords, regular updates, cleaning downloads, systematic logout, and backups — which, when practiced collectively, create a true security culture within the organization.

Why is digital hygiene crucial for Swiss SMEs in 2026?

In Switzerland, 1 in 6 SMEs (16%) has experienced at least one cyberattack in the last five years, and 70% of phishing-related breaches target SMEs (Verizon DBIR, 2025). SMEs are prime targets because they often have valuable data but limited security resources. In addition, the nLPD has required notification of personal data breaches as soon as possible since September 2023 (art. 24).

How long does it take to integrate these practices into daily life?

Research in behavioral science indicates that habit formation requires an average of 21 to 66 days of conscious practice. In a professional context, with a weekly reminder and a summary poster, most employees integrate these 7 practices in 3 to 4 weeks.

What to do if an employee accidentally clicks on a suspicious link?

Act immediately: (1) disconnect the device from Wi-Fi and the wired network (airplane mode on a phone), (2) contact the IT department or external provider, (3) do not turn off the device (preservation of forensic traces in memory), (4) from another device, change the passwords and revoke the active sessions of every account whose credentials may have been entered, (5) monitor access to professional accounts for the next 24 hours.

Is digital hygiene sufficient to protect a Swiss SME?

These 7 practices constitute the indispensable foundation — they eliminate the majority of common attack vectors. They do not replace complementary technical measures: firewalls, antivirus, offsite backups, security audits. For complete protection, support from a specialized partner is recommended. The combination of good human practices and adapted technical solutions represents the optimal defense for SMEs in French-speaking Switzerland, Bern, Lausanne, and Geneva.

How to effectively raise employee awareness of digital hygiene?

Three methods have proven their effectiveness: (1) short 15-20 minute sessions regularly rather than one large annual training, (2) realistic phishing simulations with PhishTrainer to train through experience, (3) summary poster of the 7 practices in workspaces. Training by example — showing the concrete consequences — is more effective than theory alone.

Conclusion

Digital hygiene is neither complicated nor technical. These 7 practices — session locking, email verification, unique passwords and 2FA, regular updates, cleaning downloads, systematic logout, and verified backups — constitute the first line of defense for any Swiss SME. Practiced collectively, they create a security culture that significantly reduces the attack surface to cyber threats. After a few weeks, they become automatic.

Do you want to raise awareness among your employees or assess the security posture of your SME? Our experts support SMEs in French-speaking Switzerland, Bern, Lausanne, and Geneva. Contact Bexxo →

Sources

  • AXA — SME Employment Market Study 2025 (December 2025)
  • Federal Cyber Security Office (FCSO) — Annual Report 2025
  • Verizon — Data Breach Investigations Report (DBIR) 2025
  • CyberNews — Password Leak Study 2025: analysis of 19 billion passwords
  • ExpertInsights — Patch Management Statistics and Trends 2025
  • Recorded Future — H1 2025 Malware and Vulnerability Trends
  • nLPD — Federal Act on Data Protection (RS 235.1), in force since September 1, 2023