Tips to protect your recruitment business from cyber attacks

Mike Ianiri, sales director at Redsquid, offers his advice to prevent your business falling prey to a cyber attack.

Cyber attacks are targeted at businesses of all sizes. However, 43% of cyber attacks are aimed at SMEs so recruitment firms need to ensure they are protected. What can you do to protect your recruitment business?

Training
Unfortunately, humans are still the weakest link in cyber security protection. Threat reduction requires employee training reinforcing messages such as:

  • Be watchful of new contractors. While most will be legitimate, some cyber criminals will simply walk in and try to infect your machines. If you’re unsure, stop and check. 
  • Query requests for large or urgent payments. This is a common form of cyber attack.
  • When you’re busy, beware: don’t open emails you don’t recognise or if the topic is worrying. Don’t open attachments or click on links designed to infect your machine or network. Fraudsters use addresses and URLs that are very similar to legitimate ones.

You can check training effectiveness with regular simulated phishing attacks. You’ll identify who is following their training and who needs more. We did this internally at Redsquid and reduced click-throughs from 54% to 4% in only three months. 

Protecting your network

Gateway prevention
Email gateways are a great way to reduce mistakes. By passing all your emails through a gateway, you block the malware, phishing and spam emails threatening your network.

Firewalls: If your firewall is a few years old, its ability to protect your network needs to be upgraded, as the threats to your network will have increased. 

Patching: Keep your PCs fully patched. Your operating system provider regularly publishes security updates to protect against the latest cyber threats. 

Windows 7: Microsoft stops supporting Windows 7 on 14 January 2020. You must upgrade to Windows 10. If you also upgrade hardware you’ll benefit from the physical security and performance enhancements built into new machines.

Vulnerability and penetration testing
Vulnerability scanning helps to ensure the security of your systems, services and applications from a number of common attack vectors, exploited by both automated and manual attackers. Vulnerability testing should ideally be done continuously, but at least every month.

A penetration test is an authorised simulated cyber attack on a computer system, performed by a suitably qualified third party. We recommend these are done at least once a year by an independent body (not your IT provider) for the peace of mind it provides.

For recruiters, these tests are particularly valuable to prove you are properly ticking the GDPR box – showing you’re protecting the Personally Identifiable Information (PII) you hold on candidates, clients and staff. 

APIs and web applications
Most businesses are using multiple web applications and APIs to streamline productivity. Check whether the ones you use have been tested for intruder prevention. They can become a back door into your network.

Multi-factor authentication
Multi-factor authentication (MFA) uses multiple devices to protect your network. Your phone can act as confirmation you are who you say you are, for example, logging into an application. Multiple layers of security make it harder for unauthorised users to access your network.

Cyber insurance
Getting advice on the cover you need for insurance against cyber threats is recommended. It can’t replace what’s stolen, however cyber insurance will help your recruitment business recover more quickly. 

• Mike Ianiri is sales director at Redsquid, one of the UK’s leading independent providers of business Voice, Data, ICT, Cyber Security and IoT Solutions. 

• Comment below on this story. You can also tweet us to tell us your thoughts or share this story with a friend. Our editorial email is recruiter.editorial@redactive.co.uk

Biggest drop in job vacancies in 10 years and employment also down

UK unemployment fell in the quarter to September but so did the number of people in work, according to official figures.

12 November 2019

CONTRACTS & DEALS: 11-15 NOVEMBER 2019

This week’s contracts and deals include: iKas International, Retorio, Sanderson, Workday

Contracts 12 November 2019

NEW TO THE MARKET: 11-15 NOVEMBER 2019

This week’s launches include: Kronos, Oliver James

New to Market 12 November 2019

FinTech Influencers advise to recruit refugees to fill fintech talent shortages

Employers looking for talent in the UK’s burgeoning fintech sector should widen their search.

11 November 2019
Top