Data Security & Online Recruiting: How Safe Are You?

No corporation seems to be safe these days. Target, Home Depot, Sony, and most, recently Ashley Madison are just some of the billion-dollar brands that have suffered lapses in digital information security. Literally, just a couple days ago, we received a phone call from a job board owner who had been victim of a data breach.

The Careerleaf team is currently prepping to launch exciting new software in the coming months. In this effort, our updated FAQ features a question about approach to data security. However, given the level of attention currently being devoted to the topic (Ashley Madison specifically), we felt it prudent to delve deeper with an entire blog post.

If you’ve taken data security for granted, this blog post is dedicated to you! Ask yourself, when was the last time you considered:

  • How much do you know about the handling of your data?
  • Where do the servers physically live?
  • Who is the hosting company, and what kind of security do they offer?
  • Are databases shared among a vendor’s portfolio of customers?

Of course, we’re not looking to paint a picture of doom and gloom, but we would like to see a future where data is kept safe from nefarious characters. Keep in mind, for recruiters, the database of candidates is the business. It’s the critical lifeblood that has been built up over time, though countless phone calls and emails. This is on top of the potential damage to brand trust and reputation. In the ongoing war for talent, it’s hard to think of assets more deserving of protection than an agency’s brand and candidate list.

Data ownership and security has consistently been voiced as a top priority for our clients – and we totally get it, because we see corners being cut. From our experience, we’ve seen cases where one database was used to store multiple customers’ data, and due to negligence, was inadvertently leaked and was accessible to different clients.

At Careerleaf, this is kind of slack is unacceptable, and we take a rigorous approach to our security practices:

  • In the vast majority of cases, each site we deploy is a separately hosted instance powered by industry leading service providers. Splitting the instances eliminates the potential for data to bleed or leak from one client to another.
  • Entire nightly backups are performed to ensure up to date redundancy. In the case of an emergency, automated processes ensure that restoration occurs within minutes.
  • We separate our live and test instances – ensuring new integrations, feeds and plugins can be tested safely.
  • Our software is designed to integrate with specialized, third party vendors to handle financial payments. Our clients’ sites do not handle or store financial information.
  • Earlier in 2015, we began upgrading and developing our automating to improve our uptime guarantee from 97%+ to 99%+.
  • We offer triple redundancy site back-ups if requested by our clients.

C’mon, everyone! Let’s not slack on something as vital as important as data security.