We recently posted about ransomware and how a client of ours was hit with a version of CryptoWall that had come masked in an emailed zip file that was supposed to be a resume. Something very simple and something that almost every business in the world receives through email regularly. It also happens to be a very simple and effective way for someone to send Malware to infect your business machines.
So how to deal with it in the digital age? It isn’t reasonable to assume everyone is going to walk in a paper resume and even fax machines are becoming an archaic technology (though surprisingly secure…aside from sending something to the wrong fax number).
Here’s a quick and easy method to make receiving resumes as safe as possible: require that all resumes must be sent as a PDF document, and that any resumes sent in other formats, or zipped up will be deleted immediately.
PDF documents are closed documents that cannot be altered after their creation and are about as secure as you can get for document sharing. If you are posting on a job site, or using your own website to request resumes, it would be a good policy to indicate you only accept resumes sent in PDF format. The latest version of Microsoft office can natively save to PDF and there are some simple free PDF creation tools available (such as cutePDF), so there is no barrier to people using this format.
Not only will you add another layer of protection to your IT, but your HR will also know the candidate has at least a modicum of computer skills to boot!