Swiss Data Centres
Your data remains exclusively yours. As a partner of Infomaniak Network SA, DIGITALABS protects your information through proprietary solutions that prioritise confidentiality, integrity and security.
Entirely located in Switzerland, Infomaniak places your data outside the jurisdiction of the United States and China, ensuring maximum sovereignty and neutrality.
Legal Framework & Compliance:
Contextual Analysis: ISS
DIGITALABS advises on Information Systems Security (ISS) and web platform security: back-end, front-end, databases, IoT ecosystems. We also train teams in cybersecurity to reduce threat exposure.
Our specialists conduct on-site security assessments for private clients and SMEs: operational environment analysis, tailored solutions that strengthen web platforms and IT infrastructure.
With over 49 million downloads according to its official counter, and running on nearly 43% of websites worldwide, WordPress remains the dominant CMS, with roughly 60% of the market. This ubiquity makes it a prime target for cyberattacks the moment a site falls out of date. Open-source technologies offer flexibility but demand periodic updates and proactive maintenance.
Vulnerability Identification
The context of an IT project strongly influences its security posture.
Wordfence Threat Intelligence delivers real-time data on global cyberattacks: exploits, brute-force attempts, malware and blocked vulnerabilities. These figures make a clear case for continuous protection and monitoring. The statistics are available from Wordfence Threat Intelligence.
When web applications are at the core of a business, strict security protocols must be followed:
- Modular and maintainable source code
- Database integrity and encryption
External access points in web portals:
- Contact forms
- Login or registration interfaces
- Password recovery systems
- External access to sensitive data
Forms are frequent targets. Unsecured URLs can also expose critical information, enabling retrieval of credentials or confidential documents.
High-quality source code is essential, but integrating security best practices from the earliest development stages is what most effectively prevents intrusions.
Authentication: SFA vs 2FA
The stronger the security, the greater the constraints, for both users and developers. Strategies must focus on what truly needs to be protected.
Single-Factor Authentication (SFA)
Relies on a single credential (username and password) to verify identity. Despite strict policies, this method remains vulnerable to:
- Phishing attacks
- Credential leaks
- Human error
Why 2FA Matters
To reliably verify who is performing an action online, smartphones now serve as the most secure identifier:
- Personal ownership: users rarely lose or lend their phone
- Built-in biometric security: Face ID, fingerprint
- Enhanced authentication: reduced password dependency
2FA Authentication Principles
Something you KNOW
Username, password, PIN code.
Something you HAVE
Smartphone, OTP device, security key.
Something you ARE
Biometric factor: fingerprint, retinal scan, voice recognition.
Combining these layers ensures a multi-factor defence against unauthorised access and data breaches.
Cybersecurity is a continuous process. By combining secure infrastructure, robust encryption, reliable authentication and proactive monitoring, DIGITALABS builds resilient and compliant digital ecosystems with its clients.
Authentication
Security and Digital Sovereignty
Access security no longer relies solely on a password. Authentication methods have evolved: each offers a different level of protection and varying guarantees on digital sovereignty.
This table incorporates the Swiss dimension, local hosting and independence from foreign infrastructure as a selection criterion in its own right.
| Method | What you do | How it works | Security | Sovereignty (CH) | Recommended use |
|---|---|---|---|---|---|
| FIDO2 Hardware Key | Plug in or tap the key | Physical device confirms login via open standard | ★★★★★ | Yes: open standard, no cloud | High-value accounts, critical access |
| Passkeys | Face ID, Touch ID or device PIN | Device proves your identity without a password (FIDO2/WebAuthn) | ★★★★★ | Depends on provider (e.g. Proton Pass: Yes) | Best available option - recommended |
| TOTP Authenticator App | Enter a 6-digit code | App generates a new code every 30 seconds (open standard) | ★★★★ | Yes (e.g. Proton Authenticator, Aegis) | Robust, compatible with most services |
| Password Manager | Autofill credentials | Generates and stores unique, complex passwords | ★★★★ | Yes (e.g. Proton Pass, self-hosted Bitwarden) | Essential for all accounts |
| Backup Codes | Use a saved code | One-time codes generated when 2FA is activated | ★★★ | Yes, if stored offline | Emergency access only: print and store securely |
| Push Notification | Tap "Approve" | App requests confirmation on your device | ★★★ | No (mostly Big Tech applications) | Convenient but vulnerable to push bombing |
| Magic Link | Click a link received by email | Passwordless login via single-use, time-limited link | ★★★ | Depends on email provider | Occasional access, simple client portals |
| Email Code | Enter the code received by email | One-time code sent to your inbox | ★★ | Depends on provider (Proton Mail: Yes) | Acceptable fallback method |
| Social Login / OAuth | "Sign in with Google / Apple" | Third-party account delegates authentication: single point of failure | ★★ | No: US infrastructure, third-party account required | Avoid for sensitive access |
| SMS Code | Enter the code received by SMS | Text message code, vulnerable to SIM swapping and SS7 attacks | ★★ | No: telecom infrastructure | Legacy only, replace as soon as possible |
Key Takeaway
Strong security and digital sovereignty are not mutually exclusive. FIDO2 and TOTP are the most secure methods. SMS is the least secure.
OAuth eases access but transfers control of the account to a third party. Prefer an open-source application governed by Swiss law, such as Proton Authenticator. Switch to a more secure method as soon as the platform offers one, especially for sensitive data.
Secure Your Infrastructure
Our experts assess your needs and implement tailored protection solutions.