5 Steps for Recruiting Firms’ Data Security Best Practices
|5 Questions for Staffing Agency Managers to Ask:||Yes||No|
|Are my employees clear about data security best practices and do they follow those guidelines?|
|Do my employees have strong passwords in place that include letters, numbers and symbols?|
|Is my data encrypted for another layer of security?|
|Is my agency data backed up regularly with an older version easily accessible in case of a damaging virus?|
|Do my employees know to never use insecure Wi-Fi?|
Run through the questions above. Did you answer “no” to any of these questions? Your data security may be at risk. Companies of all sizes and configurations should carefully assess their security in light of Target’s data breach last December. The stolen information exposed data security vulnerabilities facing all companies, even those that are large and have various resources on their side. Hackers gained access to 40 million customer accounts, including PIN numbers and security codes embedded on the backs of cards. Another 70 million people had personal information stolen. Ultimately the breach cost the company at least $17 million, tarnished its reputation and cost both the CIO and CEO their jobs.
Staffing companies may not have millions of accounts, but you may have tens of thousands of records, including tax documentation and bank account information, along with a valuable reputation to protect. In fact, employee error at one Texas staffing agency led to 10,000 records being exposed, which included private data such as social security numbers, medical information, drug testing results and more. Managers should be prepared to implement data security best practices at your staffing firm, from utilizing recruitment software to adding data encryption. Here are 5 steps recruiting companies should take to protect your valuable data.
- Educate and Empower Your Recruiting Firm Staff. Encourage your employees to be vigilant when it comes to data security. Educate them about ways they can help ensure that human error, a common and entirely preventable cause of security breaches, is minimized. Make sure that you have clear security policies regarding data security best practices in place, including requirements that:
- Any computers connected to the network have up-to-date security software
- No security information may be given over the phone, and that
- All printed documents containing personal information or proprietary data should be shredded.
- Require That Your Recruiting Team Uses Strong Passwords. Hackers are skilled at guessing simple passwords, especially when they are able to use automated tools designed to crack them. Stipulate that your staffing professionals incorporate letters, symbols and numbers and never write passwords down. Cybersecurity pundit Tom Hulsey writes on his blog about the increasing problem of hackers from China targeting U.S. businesses of all sizes in order to gain access to larger companies. Your firm needs to have reliable data security best practices to prevent acting as a doorway between persistent hackers and your valuable clients’ data and information.
- Make Sure Your Recruiting Firm’s Data Is Encrypted. Encryption is another layer of protection for a situation where, despite your best data security practices, your data is stolen. Ramon Ray, a businesses and technology expert, writes about encryption in 8 Tips to Protect Your Business and Secure Its Data, “[I]f your hard disk is stolen or you lose your USB thumb drive, whoever accesses the data won’t be able to read it if it’s encrypted.” Encryption takes information from a readable form and scrambles the text so that it can’t be understood by someone who steals it or otherwise accesses it. When the encrypted text reaches your recruiting staff member who has the right formula, the scrambled information is reverted back to readable text.
- Back Up and Test Your Agency’s Recruiting Data. Properly back up data so that if your recruiting firm’s system crashes or is infected with malware, you won’t lose valuable work and information. Employment agency software that is hosted on the cloud can give you peace of mind, knowing that your agency’s data is secure — cloud backup solutions are usually safe from computer viruses. You may opt to set a planned schedule for backing up your data, or choose to work with a software company that performs nightly backups for you as part of your data security best practices plan.
- Protect Remote Recruiters. With your company’s recruiters and sales staff on the go, you need to protect their work and prevent hackers from accessing company information when team members connect to your system. Of particular concern is when staff use public networks, since they are not secure. Experts say that someone on the same Wi-Fi as your employee could see their passwords, documents and email messages — all of their business information. Recruiting software can give your staff the flexibility they need, allowing them to access the information they need from anywhere at any time. It also supports your data security via configurable document categories, each with its own security settings. For example, candidate resumes and notes your recruiters take could have a low security setting, while social security numbers, tax information and bank account numbers would have high settings for extra data security.
When even well-respected companies suffer negative fallout after security breaches, it’s an important reminder to analyze what action you’re taking at your recruiting firms. Managers need to work to protect your recruiting company’s documents, clients’ data and candidates’ personal information. There are many steps you can take and recruiting software you can utilize to improve your data security best practices, while simultaneously protecting your clients’ data, candidates’ information and company’s reputation.
Learn more about the benefits of using the cloud for both data security best practices and to facilitate your team’s workflow by downloading our whitepaper, Five Reasons Why Staffing Firms are Rising Into the Cloud.