Perform a data and information inventory and define elements that are particularly worthy of protection. Prepare a protection concept for these elements. For cantonal and communal data protection provisions, consult the websites of your canton and your communal association.
Think carefully about what information you disclose on your own website or in social media, as this is collected by criminals. In particular, the website should not list the details of the person in charge of the administration's financial transactions, who has e-banking access. As a matter of principle, no confidential information or data should be transmitted through anonymous channels, e.g. telephone or email. Confidential information should be consistently encrypted or sent by post to external parties.
Take care when using cloud services. These are used by many programs. Consider which data should be stored locally and which in the cloud. Never store unencrypted sensitive data in a cloud. Before using a cloud service, read the provider's general terms and conditions (GTC) and pay attention to the data protection provisions. Data may not be passed on, for example for commercial purposes. Check with your data protection supervisory authority.
Data protection tools and a list of the respective supervisory bodies can be found on the website of the conference of Swiss data protection commissioners, privatim: