
In a world where cybercrime is evolving faster than ever, IT security is no longer solely the responsibility of large companies or technical teams.
It concerns all organizations: management companies, suppliers, large and small, as well as every employee who handles data or exchanges sensitive information.
And sometimes, it is precisely those partners that we consider “non-strategic” or “of no interest to fraudsters” that become the ideal entry points for an attack.
We recently experienced a situation that perfectly illustrates why vigilance must be constant and shared.
One of our small suppliers—which no one would have imagined would be targeted by a cybercriminal—had been monitored by a hacker for some time. The day this supplier emailed us to announce a change of bank, everything seemed normal. We also received confirmation by phone, as expected.
But very quickly, something seemed off.
According to certain details noted in the exchanges, the supplier was no longer actually receiving our messages. They were being redirected to the hacker, who was intercepting the exchanges and attempting to impersonate the supplier in order to divert the payment.
Worse still, even the supplier’s generic info@… email address had been compromised.
Fortunately, thanks to our enhanced internal controls, the inconsistency was detected very early on and the situation was quickly resolved.
This type of situation highlights a fundamental principle:
An organization’s IT security depends as much on its own practices as on those of its partners.
Even an external breach can have a direct impact on us. Conversely, collective “good digital hygiene” strengthens everyone’s security.
Here are some basic reflexes that everyone should apply, whether you are a multinational, an SME, or an independent supplier:
Forget “traditional” passwords.
Choose a short phrase with:
Example: Morning coffees! 2024
Easy to remember, very difficult to hack.
Even a good password should not remain unchanged over time.
Changing it regularly makes the task of hackers much more difficult. There is no need to change it every week. Changing it every six months is a good frequency.
Any change of address, cheque specimen, important contact information, etc. must always be confirmed a second time through a different means of communication than the one used to transmit the initial information.
This greatly reduces the risk of both channels being compromised simultaneously.
Security is not the responsibility of one department.
It depends on:
Each player is an essential link in the chain.
In an interconnected digital environment, the vulnerability of one can become the vulnerability of all. Fortunately, the reverse is also true: by applying simple, good habits, we protect ourselves collectively.
Let’s protect ourselves, remain vigilant, and never forget: Strong security is, above all, shared security.
At SolutionCondo, these principles guide our daily practices, both in the financial management of condominiums and in our relationships with our partners. Prevention remains our best protection against fraud attempts.
Anne-Claire Pinel de Grandchamp
Chief Accountant
and
Steven Haas
IT support technician