How Safe is Your Employment Application Data?
Carlos asks: "I recently returned to the U.S. after working overseas for the past 16 years. As I visit job sites and corporate sites, I'm finding two issues with applying online I hope Slashdot readers could comment on. I understand security and background checks are important to most employers. However, it seems to me that far too many online applications are asking for sensitive data, such as my social security number and driver's license number. How long is my data stored in their database? Who has access to such data? It seems that every month we hear about a company that has customer/client data stolen or mishandled. I feel that such data shouldn't be required during 'step one' (i.e., filling out the initial online account in the career section). I'll provide such data when I've been contacted by a staff for an interview. Do Slashdot readers simply bypass such employers, or do they just hand over their identity?"
"Another point relates to the pages upon pages we have to endure with an online application. Some companies make the process smooth, for example using a form of OCR with an uploaded resume. There's nothing worse than getting to step 9 (out of 20 steps) and getting a timeout error in your browser. I hope HR people who are reading this will take a closer look at their employment process. I'm sure some readers might say, 'They make the process hard on purpose — weeding out the lazy applicants.' I fully understand this point and I'm not looking for an easy way into a company, but filling out 20-step applications at 30 companies a day, every day, can eat a lot of time when hunting for a position."
In the last ten or fifteen years at up to a dozen different places I've only ever seen one storage system for applicants that didn't get the job: Box in the back of a storage closet.
No one knows it's there except the HR drone that hid them, and the closet is locked because it also contains said HR drone's stash of candy and Garfield posters.
In fact, it's probably better protected than information people want. In those same places, sales records, customer billing info and records on current employees were treated with less security.
.sig: Now legally binding!
If this story and its comments are to say anything, not very safe; good luck trying to get your personal data removed.
Actually I would be very wary of providing SSN, DL, DOB, or any other identifying information. It wasn't too long ago (2 months) that the FBI issued warnings about identity thieves posing as hiring companies so that they could obtain your information and then use it. Be especially leery of calls/emails from supposed agencies that you did not directly apply to.
I am sure that you are doing your homework on the companies that you are applying to. But it is necessary to restate that if you are going to ask for a job, then you should know who the h3ll you are going to work for.
As for the poorly designed application processes, if they insist on data entry in these fields on their web forms, then use the old tried and true 999-99-9999 or some other such bogus info. I would stick to the 999-99-9999 type of entry to avoid being accused of fraud. I have heard rumors of court decisions that have supported the concept of this being a universal way of saying that you do not wish to divulge that yet. If they allow you to submit additional comments then state that the additional information will be provided when a contingent offer of employment is made.
With ID theft such a huge issue these days, I would expect that many companies would understand your position and will attempt to assuage your concerns. Do you really want to work there if they don't?
- Nuff said
'They make the process hard on purpose -- weeding out the lazy applicants.'
I fully appreciate this idea. Jobhunting is a two-way process. I reject any company that has an annoying inflexible application process on the theory that they would be annoying inflexible companies to work for. Of course, for certain jobs, I recommend the right sort of lazy. A clever lazy person will do a job in a way that means all dependent tasks can be done in half the time.
I've been working as a criminal background researcher for a company that gets hired to do pre-employment background checks. I'd describe the security protocols as being more than lax:
a.) I receive the lists of people to check over a non-encrypted HTTP connection. These lists include name, DOB and SSN. (I'll admit to making it worse by accessing this non-encrypted website over my neighbor's open Wi-Fi connection.)
b.) The background checking company gives no instructions about how to treat the data, how to destroy the data after it's been used, etc... all of which seem de rigueur in today's world.
c.) The issues applying to a.) also apply to the government court websites used to check the data.
Background checking companies are often just run by ex-HR people, and, as you can expect, many of them are not trained in security issues like this.
Here in Fl. it is based on your date of birth and your full name without vowels. Had a program on my 8088 that would take that info and spit out the correct DL number, or allow you to enter a DL number and it would spit out the name (no vowels) and DOB.
Don't blame me, I voted for Kodos