Identity theft is an issue for people of all backgrounds. The outcome can range from a minor inconvenience to a life-altering event. The copying and use of your credit card information could be merely an inconvenience, as credit card companies have become very effective at detecting these, and the card owner is easily reimbursed. Full-on identity theft is a different story.
When the bad guy claims to be YOU in order to secure lines of credit or obtain false identification, it can ruin your life before you even know what happened. Some of these thieves commit crimes under stolen identities, causing warrants, fines, and sentencing to be issued to the victims. (Has anyone seen Identity Thief, the movie? That stuff really happens!)
So rightly so, we try to protect ourselves from risks associated with identity theft. We shred financial documents, use secure online banking sites, purchase services from a 3rd party company, and maybe even put a security freeze on our credit to insure against identity thieves. But have you ever considered the risk of losing your identity to a thief while applying for a job opportunity online?
Security of Online Job Applications
Many companies support online applications and expect to receive candidate information this way. Likewise, most candidates want the option to apply online via a computer or mobile device. It is a mutually beneficial way to quickly transmit information and start the hiring process.
But, is it safe?
Luckily, the answer is generally “yes.” However, when it comes to online applications, applicants and employers alike should keep a few guiding principles in mind:
- An online application should collect and transfer information to a database on a secure server via TSL/SSL.
- Access to the applicant database should be limited to the authorized staff of the employer and software provider.
- An online job application should only request information necessary and relevant for the open position.
Of course, ensuring that the above items are in place is much easier for the employer than the applicant. These security features are often highlighted by software vendors who seek to gain an employer’s business. For an applicant, however, it may be more difficult to determine the security measures in place.
Applicants may verify that online applications are secure by looking at the status bar of their browsers. Secure pages will have a green URI https preceding the URL and/or the image of a lock. This is a pretty good sign that page is secure, but clicking on the lock will allow you to view the security certificate and more information on the security employed–make sure the owner is what you expect and that it is signed and dated.
Unfortunately, a secure page only informs applicants that their data will be secure in transit to the database server. Additional security will be needed to protect applicant data once it arrives there. This is where employers and software vendors can step in to reassure wary applicants.
Employers can earn the trust of applicants by proactively communicating the security that is in place for their online applications and submitted data. A simple statement such as the one below along with a link to a longer statement can help:
“The following application utilizes industry standard security measures to ensure the privacy of your information. The information you submit can only be accessed by personnel authorized by ABC LLC. For more details, please review our security statement.”
Ultimately, regardless of the security employed by an organization, thieves will continue to seek ways to access and steal personal information. But if individuals use common sense, and organizations and software vendors invest in security, the chances of identity theft dramatically decrease.
ExactHire provides hiring solutions for small- to medium-sized business that protect all personally identifiable digital information by storing data on a separate server and using Secure Sockets Layer (SSL) pages.