Connecting linkedin

Bad share - bad security

6 months ago by Neil Pickstone

W1siziisijiwmtgvmdevmjqvmtmvmdqvntivote5l1bhzgxvy2suanbnil0swyjwiiwidgh1bwiilciymjawedywmfx1mdazyyjdlfsiccisim9wdgltaxplil1d

With the current media hype surrounding cyber-security, data hacking and viruses, we wanted to share a recent potential security risk we identified that happened through the best of intentions.

 

Far from being an attempt to infiltrate the Volcanic platform, this security issue was caused by sharing a published article from a well-respected website. Critically, this website is built in Wordpress and does not have SSL certification, because a risk assessment did not identify the need for it. It is a low risk site in terms of security, because it’s a freely-available information-sharing resource operating for the benefit of the recruitment industry. The site does not handle data transactions, process payments nor operate user tracking systems, and therefore would not seem to require security certification.

 

However

When sharing content on social channels, the default behaviour of these channels is to pull preview content and imagery from the source that has been linked to. At Volcanic, our web scoop then pulls through our latest social posts to publish them on our website.

 

Once the content from the website was shared across Volcanic’s social media channels, linking to the source, it was then pulled through and published on the Volcanic website. The lack of security in this content was instantly identified and alerted to Volcanic through a change in our site’s security status.

 

Our recommendation

At Volcanic we take web platform security and compliance very seriously. This occurrence demonstrates the efficiency of our team in rapidly identifying, isolating and securing any possible breach.  

 

Check source security before you share

 

To find out more, download our free eBook: The Recruiter’s Guide to Cyber Attacks, Data Protection and Systems Security.

ABOUT 1 MONTH AGO BY NEIL PICKSTONE

W1siziisijiwmtgvmdyvmduvmtqvmzcvmdavotg0l25lehvzlmpwzyjdlfsiccisinrodw1iiiwindawedmwmfx1mdazyyjdlfsiccisim9wdgltaxplil1d

Volcanic is delighted to announce the launch of the new Nexus Legal Recruitment website. Nexus Legal Recruitment is a trusted search and recruitment specialist focused on placing top legal talent in law firms and multinational organisations across...

READ MORE

ABOUT 1 MONTH AGO BY NEIL PICKSTONE

W1siziisijiwmtgvmdyvmduvmtivmdcvndcvndi5l2pwz2cuanbnil0swyjwiiwidgh1bwiilci0mdb4mzawxhuwmdnjil0swyjwiiwib3b0aw1pemuixv0

Following Volcanic’s record-breaking number of website launches in March, the momentum is showing no sign of abating, with May 2018 smashing this record. The team has brought to life a whole host of new websites, including clients such as Morson, ...

READ MORE

ABOUT 1 MONTH AGO BY NEIL PICKSTONE

W1siziisijiwmtgvmdyvmduvmtuvmjmvmtcvmzi5l2luc3rhbgwuanbnil0swyjwiiwidgh1bwiilci0mdb4mzawxhuwmdnjil0swyjwiiwib3b0aw1pemuixv0

Volcanic is delighted to announce the launch of the new Install Recruitment website. Install Recruitment is based in Manchester and specialises in finding talent for the construction, manufacturing and industrial, textile, and executive and manage...

READ MORE

ABOUT 1 MONTH AGO BY NEIL PICKSTONE

W1siziisijiwmtgvmdyvmdqvmtevmtgvmtmvmjgvsw50zwdyyxrpb24uanbnil0swyjwiiwidgh1bwiilci0mdb4mzawxhuwmdnjil0swyjwiiwib3b0aw1pemuixv0

Recruitment businesses used to depend on different technologies and systems to manage their operations. A headache to manage, difficult to integrate, clunky in practice, and, critically, unable to deliver an efficient workflow. Human error, manual...

READ MORE