Data security: advice from IMMOMIG SA


Data security: advice from IMMOMIG SA
With the digitalisation of our society, data security has become a central issue. Indeed, numerous threats have emerged and these concern the majority of economic fields, including real estate. IMMOMIG SA tells you more about the precautions to be taken to protect yourself.

Last May, the municipality of Rolle was the victim of a cyber attack. Refusing to pay a ransom, it saw some of its internal documents published on the darknet. This example is one of many. Since January 2020, cyber attacks have increased by more than 30,000% and in 2019 represented 1% of the world's GDP, or 600 billion dollars. These figures are one of the consequences of technological, socio-demographic and societal change.

Swiss and European legislation

Legally, the Federal Law on Data Protection (nLPD) was accepted by the Swiss Parliament on 25 September 2020. This text is supposed to be similar to the European legislation and the General Data Protection Regulation (GDPR). It is important to note that the GDPR applies when a Swiss company processes data of an EU resident. This regulation has several main axes such as transparency of processing, explicit consent, limitation of data retention, etc.

Several types of attacks

There are many types of attacks. They range from the most well-known, such as password cracking, malware or eavesdropping, to more advanced methods such as denial of service attacks (a computer attack aimed at making a service unavailable) or cross-site scripting (a flaw in the security of websites allowing content to be injected into a page).

The most common type of attack is certainly phishing. This method consists of obtaining sensitive data from an Internet user in order to impersonate them. The aim is to make the victim believe that they are addressing a trusted third party (bank, administration, etc.) in order to recover their personal data. The final objective is to use this information to steal money from an Internet user.

What to do?

If you are the victim of an attack, you can contact your local police and report the attack to the federal government, i.e. the National Cyber Security Centre (NCSC). However, you should not expect immediate results, as these attacks are often carried out from abroad.

As a preventive measure, several steps can be taken on a private level:

  • Use caution and common sense.

  • Check the sender of the email that contains a link or a file.

  • Always check the URL of the site on which access and/or personal data is entered.

  • Keep all systems (computer, software, etc.) up to date.

  • Change all passwords regularly.

  • Activate double authentication.

In a professional capacity, it is important to :

  • Train your employees on the dangers of the Internet.

  • Impose strict rules and discipline (culture).

  • Do not mix private and professional data.

  • Entrust your IT infrastructure to professionals.

  • Be scrupulous about software suppliers and favour data hosting in Switzerland.

  • Insure yourself against damage caused by cybercrime.

Finally, IMMOMIG SA makes every effort to ensure the security of your data. To do this, several measures have been taken:

  • Our customers' data is hosted in Switzerland (ZH).

  • All of our service providers are RGPD compliant.

  • Our clients' websites are secure (HTTPS).

  • Fraudulent ads are detected by active detection systems.

  • Access to the Immomig® software is via double authentication (2FA)

  • Modification of critical data outside office hours is not possible.