Connecting linkedin

Why Cyber Security Matters to Recruiters

about 3 years ago by Neil Pickstone


Let's face it, security matters - and in Recruitment, data is vitally important. It is the lifeblood of any Recruitment Company.

I was reading last week about the internet security company Kaspersky who revealed that their own systems had been hacked but no damage done.  

This reminded me of the training I had regarding data security a few years ago. In the UK and other countries, the responsibility for data security rests with the actual business - those businesses and their owners have a legal duty of care under the various Data Protection Acts & Regulations to prevent personal data being accidentally or deliberately compromised.

Taking a closer look at a company's legal duties is useful when considering security:

  • The levels of security a company has must reflect the nature of the personal data they hold and the level of harm that could occur if there was a security breach.
  • You should have a single individual within the company who is responsible for ensuring all information is secured.
  •  Ensure you have the right physical and technical security including robust policies and procedures.
  • Ensure your staff are well-trained in all matters of security, including personal security.

And finally,

  •  In the event of a breach of security, your team should know how to respond swiftly and effectively.

So here are my top tips for security: -

  1. Have someone in the company appointed and responsible for security.
  2. Have an effective security policy in place
  3. Ensure that staff fully understand about security for example: -
  • If someone calls, make sure you can verify who they are and never give any details out over the phone to someone you don't know, even if though you may recognise the name. Call them back.
  • Never give any details of your systems, it helps understand weaknesses.
  • Make sure data is always secured: laptops with saved passwords are an easy way to hack into a companies data or network.
  • Have a robust system back up plan in place and ensure it is regularly run.
  • Are your suppliers upto the mark? Do you have copies of their security policies; ask about their procedures, or about how they back up their systems? What would happen in the event of a fire or if they ceased trading?
  • Remember the most common security breaches happen when employees get upset or decide to leave, ensure you have robust employment contracts which protect the companies and it's data. Remind staff of their obligations. have a staff exit plan so that passwords are revoked.
  • Both personal security and allowing people access to office need consideration. In one of our  my offices we had an attempted break in from someone claiming to need to read metres (luckily for us we have a managed service but it still caught the staff out) but we also have a procedure where staff can alert people through our phone system.
  • Finally in the event of a disaster or business interuption (power outages are becoming more common, we had two in the last 12 months in different locations) we solve this issue by having completely cloud based systems that allow any one to work anywhere, we can redirect the landline numbers to mobiles in seconds or answer from different offices, Our CRM, Accounts, Document Libraries, Legal stuff actually everything are cloud based.

These are only a few of things you should do, but my observation of running a company is that it's not a case of "if" someone will try to breach security, it really is a case of "when", so be ready.



Social media has a number of advantages and can be critical in your recruitment business' success - as outlined in our previous blog. Its power is, however, becoming increasingly hard to control, which can lead to negative attention being attracte...




Today Alison Dwyer, global marketing director at Volcanic, gave a presentation about the new opportunities the GDPR brings to marketing in the recruitment industry at the APSCo Marketing Forum held at Taylor Wessing. Talking about the well researc...




We've seen some strong arguments on Linkedin about both the GDPR and the effect it will have on Wordpress. Let’s start with some facts The problem with Wordpress and GDPR In recent months there have been major data breaches that have brought the i...




It has been announced today (16 October 2017) that there is severe vulnerability in the security of WiFi connections Belgian researchers have identified a weakness with the WPA2 protocol used by the vast majority of WiFi connections that potential...