Is Your Hiring Data at Risk?

Posted by Deltek Partner Guest Blog on August 15, 2019

By EBI, a Deltek Marketplace Partner.

Sensitive information is being hosted in digital format with increasing frequency. A recent report from SkyHigh Networks analyzed usage data from millions of users. The analysis concluded the average organization uses 1,083 cloud applications as part of organizational workflow. What’s more, 16 percent of files uploaded to data storage services contain highly sensitive data.

The cost of a data breach can place a financial burden on organizations. The average cost of a breach can range from $2 million for incidents that compromise fewer than 10,000 records to nearly $7 million for incidents that compromise more than 50,000 records.

To mitigate these costly breaches, more and more companies are migrating their data to the cloud. The benefits of the cloud ecosystem have led to the widespread development of platforms and applications designed to serve the needs of a broad spectrum of functional areas across an organization, including a hiring team.

What this Means for Hiring Managers

Companies use a variety of cloud-based talent platforms and human capital management systems that help them better manage their workforces. Hiring managers are responsible for maintaining a variety of records for future and current employees. Sensitive data, including social security numbers, addresses, and background check results, are routinely stored by hiring teams.

The EBI Data Security Difference: EBI is one of the only background screening firms in the world to hold both the ISO 9001:2015 Quality Management and ISO 27001:2013 Information Security certifications AND be accredited by the National Association of Professional Background Screeners.

What Companies Can do to Keep their Hiring Data Secure

Businesses should place a priority on keeping their hiring data secure. Cloud vendors like Deltek provide the tools and framework for a solid data management plan, but there are best practices to make sure data is properly secured.

Impose Proper Permissions

Data breaches are often thought to happen through “the back door.” However, in many cases, breaches occur because an employee inadvertently allowed access directly through the front door. If an employee leaves the company or takes a company laptop home with them, it becomes much more difficult to control a company’s IT infrastructure.

Password privileges help keep confidential or business-critical information in the hands of key stakeholders, rather than available to a larger pool of logins. The cloud enables hiring teams to update permissions in real time, at the vendor or application level. More streamlined rule creation allows for some flexibility, ensuring each employee has access to the data they need to do his or her daily job.

Additionally, many companies deploy a “BYOD” (bring your own device) policy. IT professionals have to be clear about what personal devices are appropriate for office use, as well as what and how personal data will be monitored. This way, if an employee leaves the organization or moves to a department with different permissions, all parties involved are clear on what data will need to be wiped from their devices.

Automate Network Security

Network security is a real issue. Companies spend an average of $1.3 million per year on labor costs associated with following inaccurate intelligence. Dealing with false positive and false negative alerts is incredibly time consuming.

The Business Debate: Watch this video to learn about your Return On Investment when you respond to actual threats in real time with Deltek’s cloud-based system.

Automating aspects of an organization’s security monitoring and update cycles keeps IT and cyber-security professionals focused on responding to actual threats in real time. In many cases, a cloud vendor’s platform includes built-in security and data management functions. This helps optimize an IT team’s resources and reinforces healthy network security protocols.

Always Encrypt Sensitive Data

Data should never be left open and readable in cloud storage. Cyber-security professionals have begun establishing processes in order to better manage the transient and free-flowing nature of information. Data Loss Prevention (DLP) is a set of tools, software, and processes that prevent misuse or unauthorized access of sensitive data as it moves across devices (also known as “data in transit”) or online. Because many employees regularly share and upload files containing regulated data to cloud platforms, it’s vital for administrators to confirm their cloud service providers encrypt data.

DLP can change the way different end-users interact with the data, as well as encrypt the data to minimize the profitability of a malicious breach. This way, even if someone were to unlawfully access and read the information, they wouldn’t necessarily be able to decipher and use it.

So, is your company’s hiring data at risk? Only if you let it be. Hiring managers have access to data subject to inherent risk owing to its sensitive nature. Smart cloud deployments safeguard sensitive data. HR and IT departments have a responsibility to work together to ensure the proper tools and processes are in place to keep employee and prospective employee data secure in the cloud.

This article is courtesy of our premiere partner, EBI. Focusing on solutions to make every aspect of the recruiting process easier for you. Leveraging the best technology in the industry with proven processes to deliver quality.

 

About the Author

Employment Background Investigations, Inc. (EBI) is one of the largest privately held screening firms in the country, providing background screening, drug testing, occupational health and Form I-9 services for employment, contract and volunteer positions for thousands of clients around the world. Founded in 1994, EBI is an Inc. 5000 award winner, and is the only company in the industry to be named to HRO Today’s Baker’s Dozen List 12 times, winning the 2018 #1 Best Overall Background Screener, #1 Best Quality of Service, and #1 Breadth of Service Offering. EBI has also been named to Workforce Magazine’s Hot List 13 years in a row. EBI is a founding member of the National Association of Professional Background Screeners and also holds an ISO 27001:2013 certification for Information Security and an ISO 9001:2015 Certification for Quality Management. For more information visit www.ebiinc.com.