A company working in the IT services sector asked us to help them in their project to secure the document collection of their new recruits during their hiring process. As part of this process, the company collects identity documents, CVs, diplomas, extracts from criminal records, information sheets, perks and benefits forms filled in by the recruits, photos, etc.
The documents requested from new recruits are for the most part extremely sensitive but particularly exposed since these people are not yet added to the company's information system. These documents are nevertheless essential in order to carry out the necessary steps to welcome a new employee into the company (checks, single hiring declarations, etc.). So how can we guarantee that these documents will only be used by legitimate people and that their detention will not exceed the legally authorized time limits?
The various requirements to address this problem are :
- Only people in the HR department (and possibly some other managers concerned by the recruitment in question) must be able to read these documents, taking into account staff turnover ;
- Each activity must be traced to demonstrate the proper management of access rights and compliance with legal retention periods in the event of an audit;
- Protection must be transparent and maintained throughout the life cycle of the documents.
To be sure to protect documents throughout their entire lifecycle, they must be protected as early as possible with Seald technology.
In this case, this starts as early as the Seald Filedrop page where recruits send their documents in a secure, paperless way.
The Seald Filedrop page ensures that documents are protected as soon as they are captured, before they reach the right people via email notification.
The HR teams work on it in a transparent and protected way, any other access will be denied, wherever the protected document is hosted and even if it is duplicated for processing purposes (emailing, etc.).
The solution presented above consists of:
- Defining who will be empowered in the HR team (and possibly some other managers concerned by the recruitment in question) via the Seald administration tools;
- Customizing the Seald Filedrop page with the company's name and logo;
- Installing the Seald Desktop App on authorized persons who are required to open these documents frequently.
This will enable the following:
- Documents protected in this way can be stored on any server, even a server with no special protection;
- Only authorized persons will be able to open these protected documents. Openings for these people will be done transparently with a double-click using the Seald Desktop App ;
- If people outside the company (and therefore without the Seald Desktop App) are authorized to open protected documents, they will be able to open the documents via the Seald Secure Reader without installation;
- Each activity (opening, attempts to open, transfer, etc.) will be tracked, and access rights will be modifiable in real time, in particular to take into account staff turnover.