THE ESSENTIALS

Microsoft is gradually phasing out external shares based on OTPs (One-Time Passcodes). Specifically: ❌ Anonymous links will no longer work 👉 External users will need to be invited as guests in Entra ID (Azure AD B2B) ⚠️ The problem: many service providers haven't anticipated this change. The result? Your external sharing could stop overnight. ✅ Immediate audit of external access ✅ Migration to Entra B2B ✅ Application of security policies (MFA, Conditional Access) 💡 Strategi

The BFMTV article confirms the release of Dark Sword, a tool that makes iOS hacking accessible without any technical expertise. The message is clear: update all your equipment (mobiles, servers and workstations) immediately. An unpatched endpoint is an open backdoor into your entire enterprise infrastructure. My approach: Faced with the democratization of these threats, my role as an external CIO is to structure your defense: 👉 Audit & Hygiene: Proactive identification of we

The ZDNet article confirms a massive vulnerability in the FICOBA database. For an executive or CIO, the usual advice ("change your passwords") represents the bare minimum level of protection. Faced with the threat of SEPA direct debit fraud, we must move from a reactive mode to a total control mode. Here are my 3 priority recommendations for securing your company's cash flow: 1️⃣ The EBICS TS (Transport and Signature) protocol: This is the "standard" for banking security. Unl

Everyone knows about SEO (Search Engine Optimization). But have you tested your GEO (Generative Engine Optimization)? 🤖 GEO is the art of optimizing your visibility not on a Google results page, but in the responses generated by AI (ChatGPT, Gemini, Perplexity). I put my structure through a crash test. The results are... instructive (and a little surprising). 📊 My current visibility score: Gemini: 13% Perplexity: 9% ChatGPT: 9% The diagnosis (thanks Gemini & Perplexity):

Too often, information systems are perceived as a cost center or a source of complexity. At Andiris , a member of the DSIACTIVE network , we are changing this view: your IT should be an engine of growth, not a hindrance. What is the difference? Unlike a service provider, an outsourced IT department integrates with your teams and acts exclusively in the interest of your strategy. We bring the rigor, absolute confidentiality and expertise necessary to secure your data and o

The Data Act (EU 2023/2854) fundamentally redefines data governance in Europe, particularly data from connected objects, industrial systems and associated services. 👉 For a CIO, the impacts are very concrete: • Data access by design IoT solutions must allow direct, secure and free access to the generated data, in usable formats. No more "default" technical barriers. • Extended portability and sharing Companies will be able to request the transfer of their data (personal and

Recent events perfectly illustrate this paradox. On the one hand, the deployment in Switzerland of a "quantum-safe" network with ID Quantique demonstrates that Cisco remains a cutting-edge technology leader. On the other hand, serious warnings about sophisticated cyberattacks serve as a reminder that even the best equipment has its vulnerabilities. 🔍 My feedback: Throughout my career as an IT Director, I have often chosen to limit the number of Cisco devices within our infra

This week, two events that should give us pause for thought: ⚙️ Amazon Web Services (AWS) is experiencing a major outage in its US-East-1 region. As a result, services like Snapchat, Canva, or Capital.fr become partially or totally inaccessible. 🛡️ F5 Networks, a global cybersecurity company, has announced that it has been the victim of a sophisticated cyberattack. The intrusion is believed to be linked to a state-sponsored group. Internal data and source code have rep

For over 15 years, I have worked in tandem with a legal specialist to manage IT contracts. I also completed specialized training at Francis Lefebvre, which allowed me to deepen my understanding of the specific legal aspects of IT contracts. A good contract rests on several pillars. Fair? Yes, but that's only the foundation. IT contracts have specific characteristics that are often overlooked by lawyers: 🧠 Intellectual property: who owns what, and under what conditions. 🚫 Ev

This is a question I encounter very often in my work as an outsourced CIO. Behind it all, the same issues always lie: data security, regulatory compliance, and operational efficiency. I had the opportunity to share my experience in a white paper dedicated to access and password management. I offer a practical perspective: Why a centralized manager has become indispensable, and above all, what criteria should be considered to choose the right one in a business context. If this

One week after discussing onboarding, it's time to address the other side of the coin: an employee's departure. Like their arrival, this moment is critical and requires method and rigor. 💻 Disable access: From the outset, the employee should no longer have access to information systems, cloud applications, email, or VPN. Every oversight can create significant security risks. 🖥️ Equipment recovery and processing: computers, phones, badges… each piece of equipment must follow

I don't have a Gmail account, but for my personal Google account, I took this precaution and changed my password as soon as the alert was issued. Thanks to unique passwords for each of my sites, managed via a password manager, and two-factor authentication, the incident was quickly closed. Even for an expert, cybersecurity starts with simple but essential actions. #Cybersecurity #PasswordManagement #CIO #DigitalTransformation #ComputerSecurity https://lnkd.in/eVPn

When I get involved in a company, I don't stay on the sidelines. I sit down at the table, immerse myself in the culture, and act as if I were a full-fledged member of the team 🤝 Trust is at the heart of this approach. Because on a daily basis, I have access to what the company holds most sensitive: its data, its strategic projects, its vision. Without confidentiality and loyalty, it's impossible to build a strong and lasting collaboration 🔒✨ And this logic also extends to m

During a Senate hearing, Anton CARNIAUX, Legal Director of Microsoft France, acknowledged a reality often downplayed: the Cloud Act applies even to data hosted in European datacenters . 👉 If the parent company is American, U.S. law prevails . ⚖️ Why this matters:The Cloud Act allows U.S. authorities to request data held by any American provider, even if stored outside the United States . ✅ Practical solutions, even for SMEs: 🔹 Data Privacy Framework (DPF) (since 2023) gove

➡️ Yet another example that illustrates why the governance of file sharing tools must remain in the hands of the IT department. I have always insisted: data sharing outside the company should never be done via unvalidated tools. This case is emblematic. Yes, WeTransfer claims that its AI is used solely for moderation… but the wording of their Terms of Service remains vague. And this is not the first warning: in June 2019, a security incident allowed third parties to access fi

Proud to support the digital transformation of an outsourced CIO Quantor Avocats - Notaires , this new structure born from the alliance between D&V Avocats and notaries committed to innovation. Bringing lawyers and notaries together in a single structure is already a revolution in the legal approach. Their ambition: to offer integrated, seamless, and strategic support to both businesses and individuals. It is a privilege to lead the modernization of their information syst

A dazzling edition, in every sense of the word — with spectacular immersive installations, humanoids that interact live, and robots on spherical wheels that captivate the crowds. 🌈🤖⚡️ 🧠 What I saw wasn't just technical demonstrators. It highlighted applied artificial intelligence, evolving robotics, and above all, their practical usefulness in our daily lives. What was a prototype five years ago is now a business solution. 🦊 Special mention to the orange robot with a fox

Article to read: https://lnkd.in/eRuSDSt9 A massive data breach revealed by ZDNet affects Google, Microsoft, Facebook, and many other critical services. The compromised data includes real passwords, in plain text, easily exploitable by attackers. 👉 As a leader, you have two reflexes to adopt immediately: Change your passwords, especially if you reuse them on multiple services. Check if your email address has been compromised: https://haveibeenpwned.com 💡 This type of

Cyberattacks on smartphones are constantly increasing. A recent attack via WhatsApp allowed hackers to infiltrate devices using sophisticated spyware. This type of attack, known as a "clickless" attack, compromises a phone without the user needing to interact with a link or attachment. The threat is therefore invisible and very difficult to detect. 👉 What particularly interests me: 1️⃣ Applications like WhatsApp, often used without the knowledge of company IT departments,

It's a fact: today, if your IT system doesn't meet strict security criteria, you could simply be deemed "uninsurable for cyber risks." This raises two crucial questions: 1️⃣ What is the maturity level of your IT security? A cyber insurance application can become an unofficial audit of your system. Insurers require robust security measures before agreeing to cover risks. If you are uninsurable, it reveals weaknesses that can expose you to enormous risks. 2️⃣ Is your company re