Connecting linkedin

Recruitment Website Security

about 2 years ago by


The non techie’s guide to securing your Recruitment website

Internet Security over the past 5 years has become big business. The problem with security around websites however, is the unknown.  

It is both easy to say that your website is secure and also easy to suggest that it is at risk. If one of Volcanic's competitors wanted to try to damage our reputation, all they need to do is suggest that we are not secure, as for most customers it impossible to prove whether we are or we are not secure.

So let us explain how we ensure your website is secure, what methods we use to ensure it always remains that way, and how we prove to our customers, their clients and their candidates that it's safe to use our platform: -

SSL (Secure Socket Layer)

A common way for criminals to steal data is by intercepting data sent from a users browser to the recruitment website. We prevent this from happening by implementing a Secure Socket Layer (SSL) Certificate which basically encrypts the data (making it impossible to read). 

Server Load (protecting from ‘botnet')

Another way criminals try to break into systems is by overloading them or forcing them to break - through load or botnets. This attack is also called a denial of service attack. If an attack is successful it can reveal to the attacker the technology used and give them the opportunity to inject code in order to access data. Having a successful solution to this type of attack is essential. The Volcanic system successfully defends against such attacks using world leading technology and defensive mechanisms.

Pen Testing

When developers build systems, they work to very high standards. However, as most users are aware it is not unusual for that code base to become out of date or for a secuirty vunerability to be discovered. 

One of the best ways to defend against this happening is to undertake regular penetration testing (that discovers these vunerabilities) and then to update the systems accordingly. We use a series of tools to ensure our code remains secure. We are also able to apply code fixes across our platform in real time (just like you do when you update your phone software).

PCI Compliance

The Payment Card Industry Data Security Standard is a standard set by companies like Visa or Mastercard and is used in the protection of credit card data. It is basically one of the highest security quality standards held by a website. Although none of Volcanic's customers store credit card data, we decided that we would build all of systems to this PCI standard and can provide a copy of compliance certificate to our customers.

Internal Security Policies

Finally internal security is as important as the website security so we also have a very detailed internal security policy that all our employees comply with which we are are happy to share.




What a night! Volcanic are delighted to announce that at last nights (3rd May) Recruiter Awards our CEO, Rob Wilde, won the award for the Recruitment Industry Entrepreneur of the year. This is a massive achievement for both Rob and Volcanic. The R...




The 20th March saw the first UK, TruLondon event of the year, hosted as always by Bill Boorman. The event took place in the incredible setting of the Kings Head, London, which boasts wonderful surroundings inside a private members club. This round...




Volcanic has been awarded the Best Technical Innovation award in recruitment at the Onrec awards 2017 in London. The award recognises the hard work and dedication of the entire Volcanic team towards bringing fresh new ideas to the recruitment sect...




We’ve spoken recently about Accelerated Mobile Pages (AMP) and what they mean for recruiters and their websites, and the feedback we received was that a large number of people still don’t really understand what impact it has in the ‘real world’. L...