Job seekers have been stung by a massive security breach at one of the world's biggest online recruitment sites, Monster.com, which has resulted in individuals receiving bogus job offers in spam and phishing attacks. However, South African users need not rush to delete their online CVs as the local sites polled by IT-Online have implemented reassuringly high levels of security to keep their users' information safe.
In the Monster.com breach, hackers managed to get hold of recruiters' passwords, which then allowed them browse the information divulged by online job seekers. Not surprisingly, they were able to glean huge amount of personal information from these files.
People are then targeted with an e-mail offering and job and claiming to come from Monster.com.
Kris Jarzebowski, founder and MD of a leading recruitment portal CareerJunction, says his organisation has put in as many layers of security as they can while still remaining user-friendly.
The various levels of security include hardware- and software-based intrusion protection (IPS) from McAfee; anti-virus software that updates every four hours; and both hardware and software firewalls.
In addition, the site demands single logon, so the same password cannot be used simultaneously be two users.
Importantly, recruiters are required to change their passwords at least every 60 days so, in the unlikely event their logon details are compromised, there is a second level of protection.
Jarzebowski believes the organisation has got the highest level of security installed, making a breach as unlikely as possible.
"This is very important to us," he says. "Job seekers entrust us with very sensitive information and we make a promise to them not to allow it to be compromised.
"With these precautions in place, South African job seekers are probably better protected than users in many other countries."
All the security doesn't stop people trying to break in, though. Jarzebowski reports that there is an attempted hack on the CareerJunction portal at least once a week. Fortunately, they have all so far been detected and blocked.
Annemarie Viljoen, MD of FastForward, adds that – in addition to IT-based security – her company guarantees not to share confidential information with other companies.
"In addition, when we do database searches, candidates are contacted first and asked whether they are interested in a specific opportunity before the information is made available to the company."
Job seekers can also stipulate whether their CVs should be searchable or not, she says, and they can choose whether to register only on one company's Web site or have their information available to a wider pool of recruiters.
Viljoen also advises job seekers to check the security accreditation of a site before divulging personal information.
"Candidates must only register on reputable sites," she says.