Risk
1/27/2010
06:23 PM
Connect Directly
LinkedIn
Twitter
Google+
RSS
E-Mail
50%
50%

Microsoft Finds Indiscreet Sharing Costs Jobs

A survey commissioned by the company shows that the majority of human resources professionals have rejected job applicants based on information found online.

In anticipation of Data Privacy Day on Thursday, January 28, Microsoft has released research showing how indiscreet publication of information online can prevent Internet users from getting jobs.

According to a December survey of 2,500 consumers, human resources managers and recruitment professionals, 70% of the HR respondents from the U.S. said they had rejected job applicants because of information found through an online search. Among U.S. consumers, only 7% believe online data has affected their efforts to get hired.

"We're really quite surprised by the findings," said Peter Cullen, chief privacy strategist at Microsoft, in a phone interview. Cullen said while its not unexpected for human resources professionals to conduct online searches about job applicants, the extent to which online research has become commonplace and has been formalized in corporate policy should prompt people to revisit their assumptions about privacy and online reputation.

The survey was conducted in the U.S., the U.K., Germany, and France. Outside the U.S., the impact of online information on hiring appears to be less significant. In the U.K., 41% of responding recruiters and HR professionals said they'd rejected candidates following the discovery of negative online information. In Germany and France, the rates were 16% and 14% respectively.

One reason for the disparity may be that 75% of recruiters and HR personnel in the U.S. report that their companies have formal policies requiring them to research job applicants online. In the U.K., only 48% of recruiting and HR respondents said their companies had policies of this sort. And in Germany and France, that number is 21%.

In a blog post, Cullen says that the survey shows how we as a society are still trying to reconcile privacy with life online. To illustrate that point, he notes that 63% of consumer respondents expressed concern about the impact of their online reputation on their lives. At the same time, less than half of consumers surveyed say they consider their reputations when they post online and less than 15% of consumers believe that online information affects their ability to get a job.

Online reputation matters less for companies like Microsoft, which appear to be willing to ignore inconsequential indiscretions to secure hard-to-find technical talent. Cullen said that Microsoft's hiring policy does not place much emphasis on online information. "We're a technology company, so we've found that skills and competency are much more important," he said.

If there's good news in the survey, it's that positive online information can have a positive effect on recruiters and HR managers. "Eight-six percent of HR professionals believe that online reputation has had a positive impact on an applicant," said Cullen. "Having a positive online reputation can be just as influential [as having a negative one]."

Cullen sees privacy making a comeback, as the impact of its absence becomes clear.

"The trend I've observed is that people are actually thinking more proactively about who they're friends with and the information they share," he said.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-5084
Published: 2015-08-02
The Siemens SIMATIC WinCC Sm@rtClient and Sm@rtClient Lite applications before 01.00.01.00 for Android do not properly store passwords, which allows physically approximate attackers to obtain sensitive information via unspecified vectors.

CVE-2015-5352
Published: 2015-08-02
The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time ...

CVE-2015-5537
Published: 2015-08-02
The SSL layer of the HTTPS service in Siemens RuggedCom ROS before 4.2.0 and ROX II does not properly implement CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a different vulnerability than CVE-2014-3566.

CVE-2015-5600
Published: 2015-08-02
The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumptio...

CVE-2015-1009
Published: 2015-07-31
Schneider Electric InduSoft Web Studio before 7.1.3.5 Patch 5 and Wonderware InTouch Machine Edition through 7.1 SP3 Patch 4 use cleartext for project-window password storage, which allows local users to obtain sensitive information by reading a file.

Dark Reading Radio
Archived Dark Reading Radio
What’s the future of the venerable firewall? We’ve invited two security industry leaders to make their case: Join us and bring your questions and opinions!