Will Bartlett* As an employer looking to hire top talent within the legal field, much of your focus is on the credentials of your prospective employees- but are you additionally questioning the processes you have set in place to protect the information of those you’re profiling for a job?
Cybercriminals will target law firms in search of information concerning mergers, plans for acquisitions, and even the talent you plan of using to grow your business.
In 2017, 22 percent of law firms experienced a data breach, placing the total 14 percent higher than in 2016. The trend of law-targeted cyberattacks is growing at such a strong rate that it is predicted that 60 percent of a business’s tech budget will be devoted to cybersecurity by 2020.
Due to the sensitive nature of the data being obtained from prospective hires, the initial screening process is a susceptible place for a cyber thief to attack. If any data is compromised, companies can suffer a drastic loss in credibility, reputation and suffer from financial loss as well.
How can companies work to ensure their systems and prospective employees’ information is protected in the hiring process?
Unite Your Technology to Make Tracking Easier
Hiring for top-notch legal talent is an intricate and extensive process. From your prospects submitting their resumes online, to phone and video interviews, and email exchanges, there are many devices utilized that hold sensitive information.
To ensure that all of your communication tools are secure and in sync, look into a reliable unified communications option. A unified communications suite will ensure continuity across any devices used in hiring, allowing for smooth, safe, and easily managed process as you progress with a candidate. After all, who wouldn’t want all of their apps and means of communication in one reliable place?
One of the simplest and quickest to implement defenses a company can have is the use of encrypted emails and secured files.
You might be wondering what does this mean exactly? In simple terms, email encryption means that you are hiding the contents of an email message to protect sensitive information; encrypted emails make it more difficult for anyone other than the intended recipient to read the message and access any attached files. Unless a person has the necessary login credentials, they can not access the email.
Upgrade your security to Two-Factor Authentication
Two-factor authentication gives people a bad taste in their mouth due to the tediousness of its process.
Yes, it’s a pain to let your system identify you through multiple steps rather than simply enter a password, but when the state of your firm is at stake- the extra protection is appreciated. Implement a company wide transition to two-factor authentication in order to ensure there are no weak spots in your security wall that a cyber hacker can slip through.
Work on Secure Servers
Consult with your IT department (or a freelance IT individual) and any security vendors to ensure that your servers where your store sensitive information are secure. Malware is a significant threat to a business of any size.
As a precaution, your firm should be running an antivirus or antimalware program at all times to ensure that nothing malicious can spread through unsecure company files. Utilizing an antivirus program will provide “real-time” defenses. This means that the software will actively scan all incoming messages and files for potential threats, checking the credentials of everyone and everything trying to gain access to your company data.
Don’t Gather Unnecessary Data
One big rule to live by is only ask for personal data if it is relevant for each stage of the hiring process. This general rule will help alleviate any stress of risk when handling prospective employees personal information.
For example, if you’re not planning on offering a candidate a position, why would you ask for a copy of their most recent pay statement or have them complete a drug screening? Asking for personal data, only when necessary, at each step in the hiring process will reduce the amount of information you need to protect, and keep your company’s risk levels at a minimum.
Implement Team Protocol
Job applications often require personal and private data; including phone numbers, addresses, dates of birth and even social security numbers on occasion. Applications and resumes are often a one-stop shop for a person’s most personal information.
This means that access to this information should strictly be limited to relevant team members. Start with HR and the recruitment team, and if an application requires other team members involvement, you can grant access on a case by case basis. This means that there needs to be an authentication process for employees to access this type of information.
Will Bartlett is a digital content writer specialising in data management and cyber crime issues. 8×8 is a specialist provider of a unified communications suite that supports a diverse range of business applications. 8×8 provides a unified communications option for companies and firms.