In our industry, we collect, handle and store vast amounts of sensitive information from both clients and candidates; contact details, tax-file number, date of birth, work experience, photos, and much more. When in the office most recruitment firms feel confident that their network is secure, but now that we are working from home, many are thinking about how they maintain security and avoid putting their client and candidate information at risk.
Here are some tips to keep your data secure while you work remotely.
Tip #1 Secure your network
In most cases your home network will use a secure, private Wi-Fi connection that is password protected. However, your devices that connect to the internet, like your phone, computer or tablet, will all have varying levels of security.
It’s worth taking the time to look at the security settings across all your devices and update accordingly. Also, ensure that you are only working on devices that are provided or approved by your company. Your personal devices may not have the same firewalls, anti-virus protection or software updates, and can put your office network at risk.
If your workplace provides a Virtual Private Network (VPN), be sure to use it, as it adds another layer of protection. This is crucial if you are joining a network outside your office or home. Now that cafes and restaurants are gradually re-opening, it can be tempting to escape your home office and work in a different location. Just remember, if you are using public Wi-Fi be cautious. Only use those that are password protected, and be wary of those that offer open guest access, as they are more vulnerable to cyber-attacks.
Tip #2 Use cloud-based applications
Cloud providers invest heavily in data security and have built-in security features. Fortunately, many recruiters are already utilising cloud-based applications as part of their technology suite. Whether we use Gmail or Microsoft 365 for email, Salesforce for Customer Relationship Management (CRM), or Click Recruit for our Application Tracking System (ATS), most of us are familiar and comfortable with cloud-based applications.
Similar to reviewing the security settings for your devices, you should be doing the same with your cloud applications. These will all have different settings and features that can be adjusted to suit your working environment.
Video conferencing platforms are a great example. Working from home means we are all using virtual meetings frequently and for recruiters you may be conducting candidate interviews. Before your next video conference, review the application’s security settings and enable built-in features, such as waiting room, which allows you to grant access to each participant.
Try not to use the same personal meeting ID for all your meetings, instead generate new IDs for each session. It is always a good idea to require a password and once all attendees are present, lock the meeting. These features all help to secure the meeting and prevent unauthorised people joining your session.
Another security feature that many cloud service applications offer, is multi-factor authentication. This adds an additional layer of security when you are logging into an application and commonly includes a password, and an SMS pin or token. Multi-factor authentication can seem like an unnecessary hassle and be tempting to skip, but it adds another level of security that you should take advantage of.
Tip #3 Use strong passwords
This one is basic and easy to implement, yet it is something that we often overlook. Simple measures, like not using the same password across multiple devices or applications, and making your password long and including a mix of upper and lower case letters, numbers and special characters, are effective ways to strengthen the security of your devices. There are even tools that can be used to manage your passwords such as LastPass or 1Password.
Tip #4 Store your information and documents securely
When working remotely, saving to your network or your cloud application might not be as fast or convenient as usual, especially if you are experiencing internet issues. Don’t be tempted to save files to your desktop or revert back to spreadsheets over your CRM or ATS applications. This could really compromise the security of your data.
In order to protect your client and candidate information, you need to store your data in a central secure location, where you can update and remove when requested, this is especially important with today’s GDPR requirements. This becomes extremely difficult when recruiters are managing candidate information outside their CRM and ATS systems.
It seems that remote working is here to stay, with reports suggesting it will become a much more accepted practice post COVID-19. Now is the time to implement these added security measures and communicate them to your team to ensure that your company data and sensitive client and candidate information is protected.