With great power comes great responsibility; Collecting candidate information as part of your recruitment process entails with it the responsibility of ensuring that the access to the data is secure and to authorised personnel.
The security threats landscape is ever evolving, and with the remote working arrangements brought about by the COVID-19 pandemic, cybersecurity breaches have been on a sharp rise - In the first half of 2021alone, over 118.6 million people were impacted by data breaches, data exposures and data leaks.
With onslew of ransomware attacks that are launched squarely at corporations in a bid to secure large payouts to recover data, corporations have been busy beefing up security controls to ringfence access to customer data.
However, an often overlooked area of concern is recruitment data that is collected by corporations during their recruitment process. Arguably, recruitment data have the same level of information, if not more, than a typical customer record; It is not uncommon to have address, contact information and even bank records of candidates / employees as part of the recruitment process.
With this in mind, it is therefore important that we provide an additional layer of security for HR team users, or hiring managers that are accessing the candidate application data, and we are happy to share that this feature is available to all our enterprise plan users.
What is Email OTP?
The email OTP (one-time password) is an added Multi-Factor Authentication (MFA) security protocol that enables you to authenticate using the one-time password (OTP) that is sent to the registered email address. Only upon the successful entry of both the user’s login credentials and the OTP, will RecruiterPal then proceed to enable the user to log in. In the event that the user’s login credentials are compromised in a cyberattack, the OTP security requirement will be an added security layer to deter unauthorised access to the user’s RecruiterPal account.
Here’s what you should expect to see when the email OTP is enabled for your account :
Frequently Asked Questions (FAQs)
What happens if I entered in the wrong OTP repeatedly and gets locked out of my account?
Your system administrator will be notified to assist you in unlocking your account.
I prefer to generate my OTP using Google Authenticator instead - What should I do?
With the enhanced security add-on feature, users can choose an alternative OTP generation method, alongside with other security enhancements (e.g. password policy customisation). For more information, please contact your friendly RecruiterPal account manager.
I am unable to receive the email OTP - What should I do?
One of the pre-requisites of this feature, is that your registered email address with us should be able to receive emails from RecruiterPal. If you are not able to find the email OTP in your registered email address inbox nor the spam folder after the OTP is triggered, you may need to contact your corporate IT team to whitelist our email domain. Please reach out to our technical support team if you require further assistance on this.