<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=353110511707231&amp;ev=PageView&amp;noscript=1">

Cyber Security: How Secure is Your Assessment Data?

November 6, 2014

SecurityWere you aware that October was “National Cyber Security Awareness Month”? Even though October has ended, our awareness for Cyber Security should remain high!! There are certainly lots of reminders in the news from password leaks, to data breaches, and even the hacking and exploiting of legacy security protocols.

Even with its own “awareness” month and constant (bad) news being reported, many of us still do not follow the basics when it comes to cyber / software / IT security. Therefore, I would encourage you to review, and use, these common suggestions to protect yourselves:

  1. Use strong, complex, easy to remember passwords, and change them frequently. Just because a password is strong and complex, does not mean it has to be hard to remember or type.

  2. Avoid phishing. Simply put, if that email or link that showed up in your inbox is suspicious looking, avoid it.

  3. Keep all of your software up to date. Ensure the software you use is current by checking for and installing updates when available. This is critical for all software, but of course, it is most critical for operating systems, Internet browsers and security software. And this applies to all devices (e.g. PCs, laptops, smartphones, and tablets).

At Select International, our goal is to help our clients find, select and develop their own employees. Software is an important piece of meeting this objective - all of our assessments are software based. Therefore, it is important for us to implement easy to use, robust software that is safe and secure for those accessing our solutions. Here are a few of the security measures we have in place:

  1. All transmitted data to and from our solutions is encrypted (i.e. HTTPS). This makes it very difficult for hackers to intercept and decrypt any data between our clients, candidates and Select.

  2. User accounts are required to meet a minimum password strength.

  3. User account and password information is encrypted at rest. Therefore, even in the event of a data breach, this information is stored as encrypted data.

  4. Supporting systems infrastructure hardware and software is updated regularly to ensure that our vendor hardware and software remains safe and secure.

We are seeing more of a security trend from the web browser standpoint as well. Microsoft, being aware of the high number of users using legacy browsers (e.g. Internet Explorer 8 or IE8), recently announced a change in how they will support Internet Explorer. Specifically, Microsoft will be moving to a model more in-line with Mozilla Firefox and Google Chrome where they will only support and patch their latest releases of IE. IE users will not notice any changes to IE support until January 2016. Starting then, only the most recent version of Internet Explorer available for a supported operating system will be supported by Microsoft. Consequently, IE8 will no longer be updated by Microsoft. While the browser will continue to work, it will not receive product updates and security patches from Microsoft. This will likely force users to upgrade to a newer version of IE; however, the user will be inherently safer because they will be using a browser that is actively being maintained.

As it applies to keeping technology up to date, we can only ensure the software and systems we create and manage are current and patched. It is also important for users to keep their own software up to date and they must understand the risks of using outdated software – especially when it comes to accessing the Internet.

Chris Policicchio Chris Policicchio is the Director of Technology & Development at PSI. He focuses on leading the process teams that implement the technology behind PSI’s employee selection and development systems.