Cyber attacks on organisations are a global problem, and Australia has certainly experienced its fair share of high-profile hacks in recent years.
Many will recall how the Australian Census website was shut down on August 9, 2016 – the day of the Census – following several denial-of-service attacks. The security measures in place were insufficient, and the breach was very embarrassing for Australia and the government.
According to the Australian Bureau of Statistics (ABS), the website was shut down as a precaution following a software failure, which left the system unable to defend itself. While the ABS claimed no census data was stolen, the incident highlights the serious threat posed to organisations in terms of theft of personal information.
Recruitment and HR organisations typically hold a variety of confidential personal information.
Keeping your data secure
Recruitment and HR organisations typically hold a variety of confidential personal information about their employees, candidates and clients. They are duty-bound ,therefore, to keep hackers at bay.
This is a vital consideration that has guided developers at FastTrack to design software solutions for recruiters that are intended to be impenetrable to external threats. FastTrack360, a recruitment tool that provides for three core functions – recruit, bill and pay – features various security features that enable users to be extremely secure.
Different components within FastTrack360 act to cover different security points in the system – from access, when users start up the browser and enter their password, to data and code, to the integrity of the server, where the customers' data is physically hosted. So effective security measures are taken that protect the overall system and data contained within it from scripting attacks, cross-site attacks and a whole lot more.
When someone is trying to access, for example, they will need to pass through two levels of security to enter the system and its data. This compares well with other systems that use just one level. However, what is really unique about FastTrack is that it physically segregates the databases of different customers.
Unlike other recruitment software service providers that use a single database for all their clients, we have adopted a more secure approach that disconnects them entirely from each other in terms of where their data is being hosted. This means that our customers have no way to access each other's data.
A key part of installing new software in any business is training staff in how to use it effectively.
Encouraging best practices
A key part of installing new software in any business is training staff in how to use it effectively, efficiently and securely. At FastTrack, we work closely with end users to help them become familiar with the tools we provide, especially with regard to security. This starts right from the project implementation phase.
Once a customer is ready to be onboard with FastTrack software, one of our consultants will go to meet with them and provide training to their staff on core functions (recruit, pay, bill) as well as security best practices. They will explain the software's security features – right from the application to the infrastructure and the database – and provide details about how the data is stored and encrypted to keep it protected.
In many organisations, employees are required to comply with internal IT security policies in terms of their email and login passwords. For example, passwords must be nine digits in length and include a combination of alphabetic, numeric and extra characters, and must be changed at regular intervals. Password policies like these are common and recommended.
FastTrack is able to configure its software to accommodate the needs of its customers with respect to password policies. During the project implementation phase, we will incorporate the required password validations and expiry durations into the system.
Behind the scenes at FastTrack
From an application perspective, FastTrack regularly educates its own developers to ensure they understand the security principles in place and we continuously upgrade our software, with additional features and push through security updates as required.
FastTrack emphasises the importance of choosing a complex password.
Taking cyber threats seriously
It is important for our customers to be trained in security best practices due to real and ongoing cyber threats to their organisation or in the environment that they may not be aware of. By following recommended protocols, they are doing their bit to keep their organisation's infrastructure and data secure.
Employees, especially those working in the recruitment industry, often have access to personal data that should not be leaked. They therefore have an obligation to understand the importance of protecting that data by using the cybersecurity tools available to them.
During software training, FastTrack emphasises the importance of choosing a complex password and knowing how other security features should be used and why. Security is a key element of our training, and our consultants will take every opportunity to re-educate and reinform customers about its importance.