THE ESSENTIALS

The ZDNet article reminds us of the importance of enabling the firewall and stealth mode on Macs. I've been doing that for a long time. What about you? In business, it's a constant balancing act between protection and agility: The Firewall (Blocking in the office): It filters incoming access. "Plug & Play" is a thing of the past; you must manually approve each new tool or network printer or risk being blocked. Stealth Mode (ideal for travel): It ignores diagnostic pings. A ha

This is a real-life case that I will detail during my next training session at the Community of Municipalities of the Cantilienne Area . Among many other cyber traps specifically targeting the leaders of very small and small businesses, we will see how to avoid this kind of catastrophic scenario. The story? An emergency call received less than a month ago from the manager of a premium tourist accommodation. With one click, his clients were being redirected to a foreign phar

The latest Windows update now integrates the Secure Boot status directly into the settings. More than just an interface detail, it's a health indicator for your hardware chain of trust. The key issue: pre-boot integrity. Secure Boot is the only effective defense against rootkits and bootkits. These malware programs execute before the operating system, rendering your EDR/Antivirus solutions powerless because the kernel itself is already compromised. The operational observation

Microsoft is gradually phasing out external shares based on OTPs (One-Time Passcodes). Specifically: ❌ Anonymous links will no longer work 👉 External users will need to be invited as guests in Entra ID (Azure AD B2B) ⚠️ The problem: many service providers haven't anticipated this change. The result? Your external sharing could stop overnight. ✅ Immediate audit of external access ✅ Migration to Entra B2B ✅ Application of security policies (MFA, Conditional Access) 💡 Strategi

The scenario is well-rehearsed: I receive a #SMS "From the delivery driver" informing me that a package could not be delivered. A photo of a truck full of boxes was included to support this claim for credibility. 🪝 The catch? The SMS arrives at the exact moment I receive an Amazon delivery notification. My reflex: 1️⃣ Immediate suspicion 🫥: Never click on the link in the SMS. 2️⃣ Source verification: Opening the official Amazon app. 3️⃣ Proof by image: My packag

The BFMTV article confirms the release of Dark Sword, a tool that makes iOS hacking accessible without any technical expertise. The message is clear: update all your equipment (mobiles, servers and workstations) immediately. An unpatched endpoint is an open backdoor into your entire enterprise infrastructure. My approach: Faced with the democratization of these threats, my role as an external CIO is to structure your defense: 👉 Audit & Hygiene: Proactive identification of we

Running a very small business or a small to medium-sized enterprise (SME) means constantly balancing priorities. However, digital security should no longer be a variable to be adjusted: it is the foundation of your business continuity. I am pleased to be leading a training session for executives, organized by the Community of Communes of the Cantilienne Area . The goal is clear: 0️⃣% jargon, 💯% operational. Together, we will address the critical points to protect your st

The answer is simple: "Are you 100% sure that you (or one of your colleagues) will never click on a fraudulent link?" Every day, 2 billion fraudulent emails are sent worldwide. Technology filters the vast majority, but zero risk does not exist. The attacker is no longer trying to force your reinforced door; he is waiting to be opened from the inside. Cybersecurity is not just a collection of software. It's a chain of vigilance where humans are the first line of defense... or

The ZDNet article confirms a massive vulnerability in the FICOBA database. For an executive or CIO, the usual advice ("change your passwords") represents the bare minimum level of protection. Faced with the threat of SEPA direct debit fraud, we must move from a reactive mode to a total control mode. Here are my 3 priority recommendations for securing your company's cash flow: 1️⃣ The EBICS TS (Transport and Signature) protocol: This is the "standard" for banking security. Unl

According to the latest study published by Cybermalveillance.gouv.fr : 📊 16% of very small and small businesses have suffered a cyberattack this year. 🔍 44% feel highly exposed. 🛡️ 58% believe they are well protected (+20 points in one year). 🔐 51% have a password policy. 📲 26% use two-factor authentication. 🚨 24% have a response plan. ⚠️ 80% do not feel truly ready to face it. Thanks to Cybermalveillance.gouv.fr for this useful and factual reminder. The figures are

It is associated with cost reduction, when it is primarily a matter of managerial clarity. In this intervention of Frédéric Barbier on BSMART 4Change , one point seems central to me: 👉 outsourcing is not delegating blindly, it is giving yourself the means to act faster and better, with immediately operational skills. In the field of very small and small businesses, I see it every week as an outsourced CIO at 🟣 DSIACTIVE : The leader rarely lacks vision. It mai

And that is precisely where the subject becomes strategic. When an MFA deployment takes months, or even longer, the real question is no longer just how to secure it today, but what that security will be worth at the end of the project. Attackers, however, don't wait. MFA fatigue, targeted phishing, session hijacking: MFA is no longer an end in itself. In such a critical ministry, the approach must be visionary: to think now about the post-MFA era — authentication without pass

Too often, information systems are perceived as a cost center or a source of complexity. At Andiris , a member of the DSIACTIVE network , we are changing this view: your IT should be an engine of growth, not a hindrance. What is the difference? Unlike a service provider, an outsourced IT department integrates with your teams and acts exclusively in the interest of your strategy. We bring the rigor, absolute confidentiality and expertise necessary to secure your data and o

For 2026, Andiris is harmonizing its image. Today we are launching our new visual identity, which will now be featured across our entire website. This new logo reaffirms our three strategic pillars (the three yellow dots): 🟡 Innovate: Modernize your tools and practices. 🟡 Transform: Drive your IT towards performance. 🟡 Secure: Guarantee the integrity of your digital assets. A cosmetic evolution that reflects our requirement: clarity, rigor and operational efficiency. 👉 Di

Recent events perfectly illustrate this paradox. On the one hand, the deployment in Switzerland of a "quantum-safe" network with ID Quantique demonstrates that Cisco remains a cutting-edge technology leader. On the other hand, serious warnings about sophisticated cyberattacks serve as a reminder that even the best equipment has its vulnerabilities. 🔍 My feedback: Throughout my career as an IT Director, I have often chosen to limit the number of Cisco devices within our infra

The cost of recovery from the cyberattack on high schools in Hauts-de-France: €22.75 million 💰💰💰 Let’s be clear: which private company could absorb such an expense just to get back on its feet? ❌❌❌ None ❌❌❌ Only “Enterprise France” survives, supported by public funds. For an SME or mid-sized company, €22.75M means certain bankruptcy. Investment in preventive cybersecurity is not a cost center. It is the only insurance policy that guarantees the continuity of your business.

This week, two events that should give us pause for thought: ⚙️ Amazon Web Services (AWS) is experiencing a major outage in its US-East-1 region. As a result, services like Snapchat, Canva, or Capital.fr become partially or totally inaccessible. 🛡️ F5 Networks, a global cybersecurity company, has announced that it has been the victim of a sophisticated cyberattack. The intrusion is believed to be linked to a state-sponsored group. Internal data and source code have rep

This is a question I encounter very often in my work as an outsourced CIO. Behind it all, the same issues always lie: data security, regulatory compliance, and operational efficiency. I had the opportunity to share my experience in a white paper dedicated to access and password management. I offer a practical perspective: Why a centralized manager has become indispensable, and above all, what criteria should be considered to choose the right one in a business context. If this

But did you know that ⚠️ 80% of security breaches and performance losses come from poor maintenance hygiene? Many leaders and entrepreneurs launch their website, then… ⏳ stop updating it. Result : ➡️ 💀 Hacking risks ➡️ 🐢 Degraded user experience (outdated plugins, slowness, bugs 🐞) ➡️ 👻 Loss of visibility (SEO penalized by Google if the site is not optimized 🔍) ➡️ 😬 Unprofessional image (outdated design = lack of credibility 🎨) Here is the essential checklist for

A zero-day vulnerability is currently being exploited on iOS, iPadOS, and macOS. It could allow attackers to compromise your devices and data. Update all your Apple devices immediately: 👉iOS 18.6.2 / iPadOS 18.6.2 👉 macOS Sequoia 15.6.1, Sonoma 14.7.8, Ventura 13.7.8 Access paths for the update: 👉 iPhone / iPad: Settings → General → Software Update 👉 Mac: Apple menu → System Preferences → Software Update For companies with mass deployment tools, now is the ideal time to u