Category HR Tips and Practices

Monster’s data breach highlights uneven online practices

By now, the perils of securing online data with little more than user names and passwords should be well known. Monster.com learned that lesson late and the hard way, prompting last week’s disclosure that the Web jobs board will spend millions of dollars to improve its security.

Monster Worldwide Inc. recently discovered that con artists had grabbed contact information from resumes for 1.3 million people — and likely many more, since Monster now says this was not an isolated incident. Files were pilfered not only from Monster.com but from USAJobs.gov, the federal-government career-listing service operated by Monster.

The stolen information is not by itself ultra-sensitive, since resumes generally do not include Social Security numbers, financial data or account information.

But contact information can be lucrative for online criminals, who used what they got from Monster to craft “phishing” e-mails that go after such sensitive data.

The affair could serve as a warning to other businesses that operate online. But if the past is any guide, many will shrug off this episode.

“You’re going to see this happen again and again and again,” said security analyst Bruce Schneier, chief technologist for BT Counterpane. “I assure you, every other company didn’t say, ‘Wow, look what happened to Monster, we have to fix our problem.'”

Blame many factors. For one, upgrading security can be expensive, and many companies are reluctant to shell out for improvements until they’ve been viscerally reminded of the need for it.

“How do you justify a $10 million security budget when nothing happened last year?” said Mark Rasch, a former federal cybercrime investigator now with FTI Consulting Inc.

Another problem is that companies are hesitant to put up blockades that can annoy legitimate users.

“We’re all accustomed to a straightforward and easy experience,” said Dennis Maicon, executive vice president of Digital Resolve, a unit of Landmark Communications Inc. that sells automated fraud-detection systems. “We want to do things quick, we don’t want to jump through all kinds of hoops to say, ‘Hey, it’s me,’ because a good portion of the time, it is you. A company like Monster has to maintain the customer experience.”

That balance can shift, of course, if regulations require more stringent security. Many financial institutions and insurance companies have adopted extra measures like Digital Resolve’s authentication technology as a result. It lets customers sign on in a straightforward way but scans for anomalies (the user is signing on from, say, Ukraine all of a sudden) that might indicate an unauthorized person has stolen the password.

After the Monster breach was disclosed by researchers at Symantec Corp., Monster pointed out that its network security had not been broken. No one hacked in, after all. Rather, the criminals obtained legitimate keys to the system — most likely by phishing or guessing passwords belonging to recruiters with access to Monster’s tens of millions of resumes.

Yet the chance that someone would co-opt legitimate access to a network should itself have been considered a security flaw.

In one of the most infamous incidents, data-gathering giant ChoicePoint Inc. found in 2004 that criminals had posed as honest-to-goodness customers and filched information on 163,000 people. ChoicePoint ended up spending about $30 million fixing the situation, including $15 million to settle charges from the Federal Trade Commission that its standards were weak.

It’s unclear how much of a hit Monster’s breach will cause the company, which already has been struggling. A month ago it announced layoffs of 15 percent of its work force. The stock is near 52-week lows and a key finance executive just departed.

To respond, Monster has said it would spend at least $80 million on upgrades to its site, which now include security changes. Among them: closer monitoring of the site and limits on the way its data can be accessed.

Patrick W. Manzo, Monster’s vice president for compliance and fraud prevention, said the company had already been exploring several of the steps.

“What this incident has brought sharply into focus is that this is an issue that needs to be addressed immediately and not something that you can look at with a phased approach,” Manzo said Friday.

Some of Monster’s newer practices may already be in place at rival online job boards. For instance, both CareerBuilder.com, which is owned by newspaper companies and Microsoft Corp., and Yahoo Inc.’s HotJobs say they limit the number of resumes that one user account can access over a given period. (That is of limited effect, however, if fraudsters corrupt multiple accounts, a common pattern.)

CareerBuilder spokeswoman Jenny Sullivan added that her site has software that monitors for excessive or otherwise unusual usage patterns. Last week, CareerBuilder began “scrubbing” Social Security numbers and other sensitive information out of postings left by job seekers, though Sullivan said that step was in the works even before Monster’s breach.

The unavoidable truth about computer security, though, is that such steps can slow but not stop online fraud. Gartner Inc. security analyst Avivah Litan advises job-seekers to use a separate e-mail account for career queries and publicly post only basic contact information, nothing more than what could be found in the phone book.

“Assume nothing’s safe,” she said.

On the Internet:

Monster.com’s security page for users:

http://help.monster.com/besafe

HES Global Hospitality Executive Search Opens New China Office

HES Global Hospitality Executive Search has opened an office in Beijing to service the hospitality sector in China’s capital city.

The new office is located at the Wanda Plaza, in Chaoyang District, with view on some of the longest and most established hotels in Beijing, and currently at least four other five-star international hotels opening within a perimeter of 500 meters.

According to Rene J.M. Schillings, director for Greater China and Singapore of HES Global, this move is only the next logical step to further capture the market in China, which is needy for experienced Chinese hoteliers and China-experienced expatriates.

HES Global Greater China has an office in Hong Kong, from where it serves its clients outside of Greater China, and another outlet in Shenzhen.

Another six best practice for a Sourcer

1) Automated sourcing and candidate mining should be used.. Spiders, bots, search engines etc..
web spiders should be programmed to crawl, retrieve, and upload candidates into the applicant tracking
system based on both current and future needs.
Infogist , Talenthook , AIRS OXYGEN, comes to mind.
I heard of horror stories on someone sitting in the headoffice making the decision on what tools should be used.
Rather have inputs from actual users.

2)Better use of the new recruits. As they are the trusted sources for their ex-colleagues.
Its not about bombarding them with Employee Referral program message rather recruiters should take the
time out (just take them for lunch) and network with them.

3) Companies are doing exit interviews but never follow up. Does your recruiter gets a feedback why the hire left?

4) Ex Employees and contractors (who worked through third parties) who turned the offer down in the past or left the company. These candidates already know the firm, the culture and might be a easier hire.

5) A culture and environment must be created and a strategy in place to source passive candidates. Sourcing should be based on future needs rather than current or immediate needs. . This process must be a constant building of proactive pipelines of passive candidates.

6) Try new methods of sourcing like job networking sites, podcasting, blogs ,bountyjobs , jobster,
virtual recruiting etc. etc. Reach out to niche sites as many allow you to do free promotion for you.

10 Key Off-Peak Hiring Tasks

08/06/2007
By Frank Mulligan – Recruit China

From the beginning of July to the end of August is generally a bit of a lull for hiring in China. Senior managers are away on holidays and budgets have yet to be developed.

If you have recently introduced some form of online hiring, the efficiencies it generates may leave you at a loss what to do with the extra time on your hands. Even if you haven¡¯t introduced online hiring you will still have free time on your hands. Perhaps it¡¯s time to undertake some preparatory tasks for the rush in September!.

1.. Do a survey of all top employees and ask them why they accepted the job when they were hired. Also ask them what they think the top selling points of the firm currently are. Add this information into your Talent Management System and itemise the reasons one by one. With this data from this task you will be in a better position to sell your company to China¡¯s professionals when you begin hiring again. Lulls always end.

2.. Do a survey of all candidates who rejected an offer in the past year to find out what the deciding factors were that led them to turn down your offer. Again try to systematise this by organising their reasons into broad areas that can generate metrics.

3.. Develop an online mail newsletter that will keep potential candidates interested in your company and aware of current hot opportunities. Send it out once every three months to opt-in candidates only.

4.. Review hires generated in the past year by collecting on-the-job performance data and manager satisfaction information. Compare this data with your notes during the interview process.

5.. Get into the important operations and sales meetings to learn which roles in the organization will be mission critical, i.e. where a vacancy or delay in recruitment would cause critical organizational failures, such as delaying time to market or compromising product quality.

6.. Search through your online Talent Pool (if you have one) and request additional information from candidates who have not filled out their profile fully.

7.. Isolate the key candidates in your online Talent Pool and separate them out from the others. Devise a system to increase the communications from your company with these selected professionals.

8.. Remember that recruiting is marketing, and build a clear, concise document that illustrates your Recruitment Brand. Use it in all future recruiting. In the ideal world, build this document into your Careers@ section of your website.

9.. Spend time with your line managers to see what behaviours they want more of, and less of.

10.. Develop scripts for phone interviews and build them into your Applicant Tracking Systems(ATS).

In the end there are many tasks that recruiters in China can undertake today to help make their jobs a little easier and to be more productive when the hiring season starts again.

Let¡¯s keep the slow out of the slow season!.

China’s new employment law gets negative response from multinationals – survey

BEIJING (XFN-ASIA) – China’s proposed employment contract law has created growing feelings of uncertainty and pessimism among foreign-invested enterprises, according to a survey conducted by law firm Baker & McKenzie and HR consultants Hewitt Associates .

The draft legislation was submitted to the National People’s Congress this week for its third and final reading but the survey found that the majority of respondents had a negative view of the new law.

‘Almost no company expects an overall positive impact,’ said Susan Derkach, senior consultant at Hewitt Associates, Beijing.

‘Over one-half of participants believe that when implemented, the new labor contract law will have a negative or very negative impact on their daily business,’ Derkach said.

After he first draft of the law was published last year it prompted 191,000 comments from the public to the government.

This prompted amendments to the second version including changes, such as an increased emphasis on open-term contracts, non-compete and confidentially agreements, training contracts and probationary periods, restrictions on fixed-term contracts, more specific definitions and limitations concerning mass-layoffs.

‘Overall, there seems to be a great degree of uncertainty among the participants about the potential implications of the new law on their companies. Similarly, the majority of participants do not seem to be sure how they should prepare for passage of the law,’ Derkach said.

‘We believe that companies should aggressively pursue the following three actions: a comprehensive review and redrafting of the work force planning process and strategy; a comprehensive audit and redesign of all HR policies, manuals, collective agreements and employment contracts; strategic decisions on employee representation and collective bargaining,’ she said.

The new law is expected to take effect from Jan 1, 2008, but implementing it will challenge most companies, other experts said.

‘The law as it stands is very opaque and it is unclear as to how it will actually be implemented,’ said Andreas Lauffs, head of the employment group at Baker & McKenzie, Hong Kong.

‘So far there has been no mention of grandfathering or of any transition period,’ Lauffs said.

Further concerns of respondents to the survey related to trade unions and employee representation.

‘This could be an issue in the face of recent moves by China’s trade federation to unionize some high-profile multinationals,’ Lauffs said.

Both McDonald’s and KFC recently came under pressure from the state-controlled All China Federation of Trade Unions to cooperate with the formation of unions in their outlets.

The survey showed that almost half of the 436 participants have no employee representation while 89 pct are not covered by a company or industry collective agreement.

‘Only a small number of companies seem to have specific plans to address the potential new requirement to negotiate a collective agreement with their workforce,’ Susan Derkach said.

Those surveyed included wholly owned foreign enterprises, join ventures, representative offices, non state-owned enterprises and state-owned enterprises.

China: China Employment / Labour Contract

The Labour Law of the People’s Republic of China (“Labour Law”) is applicable to all employment relationships between individuals and enterprises in China. However, local governments of provinces, autonomous regions and municipalities may, and most of them do, issue detailed measures and rules for the implementation of the Labour Law. Such detailed measures are promulgated based on the Labour Law, with changes and specific details made in light of the local conditions. Thus, when dealing with China labour or employment matters, reference should always be made to the local regulations (in addition to the Labour Law), particularly as regards social insurance benefits and welfare benefits.

The Labour Law requires the establishment of an employment or labour contract (“Contract”) between the employer and employee for the purposes of recording an employer-employee relationship. The Contract is required to be made in writing and must necessarily be based on the principles of equality, voluntariness and mutual consent. If the Contract is not concluded based on such principles or is otherwise in violation of any PRC laws, administrative rules or regulations, the Contract may be treated as invalid in its entirety, or as regards the affected parts only, depending on the seriousness and nature of the violations.

Any dispute over the validity of the Contract or otherwise should in the first instance be referred to the relevant labour dispute arbitration committee (being part of the labour tribunal) for determination, and if the employer or employee concerned does not find the arbitration outcome acceptable, either side may refer the matter to the relevant People’s Court for a judgement to be made.

The Contract should deal with the following:
1. term or duration of the Contract;
2. job description or the scope of work to be performed;
3. labour/employment protection and working conditions;
4. labour/employment remuneration;
5. labour/employment disciplines;
6. conditions for termination of the Contract; and
7. responsibilities for breach of the Contract.

The parties are free to agree on other matters for inclusion in the Contract. It is in fact common to agree on a probationary period, the employee’s duty to observe confidentiality or non-disclosure obligations, non-competition covenants, etc.

The Contract may be terminated at any time by mutual agreement between the employer and employee. Severance is generally payable to the employee on termination of the Contract, save in the case of a summary dismissal or where termination is due to the employee’s resignation.

Where severance is payable, it is calculated with reference to the:
• number of years of service rendered; and
• average monthly income based on the employee’s income for the 12-month period immediately preceding the date of termination (and “income” includes base salary, bonus, subsidy, allowance, commission, etc., paid to the employee).

The severance amount payable equals the average monthly income multiplied by the number of years of service. In most localities, an incomplete year of service is treated as a full year for purposes of calculating the severance.

60-Second Guide to Employee Recruiting

A small business owner was looking for a few good employees for his alarm company. In the past, he advertised in the classifieds. Then, it dawned on him that the kind of employee he wanted probably wasn’t sitting at home reading the “help wanted” ads. His best workers had always come to him with personal recommendations. That’s when the first brainstorm hit. He chose a select group of customers and sent them a letter asking their help with his recruitment drive. He got his referrals and the unexpected benefit of engendering goodwill with his customers, who were flattered to learn he thought so highly of their opinion.

In just 60-seconds, you will learn how to recruit and hire good employees.

0:60 Take Recruiting & Hiring Seriously
The lesson here is to treat your employee recruitment efforts as seriously ¡ª and creatively ¡ª as you would any other business-related endeavor. A new employee is a major investment. There¡¯s the cost of training and the cost you want to avoid ¡ª the mistake of hiring the wrong person.

0:46 Use Your Network to Find Good Employees
When you set out on your candidate search, do as the small business owner did and solicit referrals from customers. Ask acquaintances, colleagues, and current employees as well. Other avenues include college placement offices, trade and professional associations, and employment agencies.

0:38: Set up an Interview Schedule
When you begin receiving resumes, you’ll want to contact the best candidates and set up an interview schedule. Prepare a list of questions to ask each candidate. By asking everyone the same interview questions in the same way, you will be able to more fairly compare their responses.

0:20 Pay Attention to Your Initial Impression
Check the candidate’s references, but be warned that you may not get an accurate picture. Sometimes people will give positive references because they fear legal action. It’s better to rely on insights you glean from the interview and by paying attention to your own gut feeling. Ask candidates you are impressed with to come back for a second interview.

0:11 Be Clear About Responsibilities
During the hiring process, be clear about the new employees’ role within the company. Set expectations by defining job responsibilities before hiring the candidate. A job description clarifies everyone’s duties and heads off confusion about who is responsible for what tasks.

0:03 Make the New Hire Feel Comfortable
Put your best employee in charge of training the new hire, and consider starting off with a three- or six-month trial period. If you approach your employee recruitment efforts with the same creativity and drive you do other business projects, chances are you won’t have a thing to worry about.

Measure and Control Human Resources Performance

The business success is about taking right people to the right place on right time. So what is the problem? Actually, if you need to manage not one, but five employees or better five groups of employees, then you face the problem of measuring and control. It’s hard to tell whether one group is performing better or not, it becoming hard to compare one employees success against other one, it’s hard to see the unique features of people. So what the solution is? The key metrics and key indicators, which will tell you how to manage your stuff right.

There are two approaches I suggest to take into account when thinking about human resources (HR) at your company. First, you can think in terms of process, second you can think it terms of how do employees affect the whole business.

The processes of working with employees include: hire, education, management, retire. All the stages must be processes carefully, as they could fully change your business. For instance, if you will have the best system to hire stuff, but it will be working slowly, then you will fail. If your education system will allow to train everyone, but will not allow to check the actual performance generated by training processed, then you will fail. If your best people will retire, then you will lose.

So, that’s why it’s really important to measure and control all processes involved into employees relationship. People who you work with, should understand what your goals are and how they will help to achieve these goals. This is the key idea of manage and control in employees management processes.

Another approach is focusing on how someone’s job affect the company. It’s obvious that even if someone works in a Sales then he or she will affect not only the financial part of the business by generating sales, but also all other parts.

For instance, sales person will be involved in entire company processes, such as education and knowledge sharing. This person will also work directly with customers, so he or she might not just sale, but get a valuable feedback from end users of your product. These people will also help your company to grow not just in terms of sales, but in terms of better business processes and business efficiency.

So how to measure and control HR department at your company. The answer is very simple – you should develop some key indicators that will represent company business and then pay attention to what is working good and what should be changed. There are many names for this system, for instance KPI (Key Performance Indicators) or Balanced Scorecard. The result is having the clear view of what is going to happen in company and how it will steam-line your business.

What should be the first step? Actually, I think you have already had some important information for scorecard. For instance, you have document called “mission”, this is a general definition of your principles, you can some business goals, you have business processes described and formalized. What you need now is to gather all this important information into a easy to manage system, which will take in account the importance of each metrics. This system (Balanced Scorecard or KPI) will help to manage and control the performance of your HR department.

Top 10 Hiring Don¡¯ts In China

By Frank Mulligan – Recruit China

In a War for Talent market like China you might want to consider your hiring process your Number 1 priority.

You can run as many Six Sigma FMEA projects as you like to improve quality and speed of hiring but sometimes it¡¯s just easier to tell line managers what they should not do. It¡¯s a quick and dirty solution that might give you time while you work out a more detailed, nuanced approach.

This advice is specific to what line managers in China should not do but it could just as easily cover other hot markets likes India or Ireland. Please copy, paste, modify and email as you see fit.

Top 10 Things Line Manager¡¯s In China Should Not Do

Do not wait more than a few hours before you begin to review applicant emails or online application links sent to you by your internal Recruiter.

Do not wait more than one day to respond with a decision about which candidates you want to actually meet. Recruiting is sales and you wouldn¡¯t keep a hot sales lead waiting, would you?

Phone screen all applicants and take the time to cull unsuitable candidates. Aim to bring in only two to three people and hire one.

Don¡¯t assume anything. Tell your Recruiter in detail why you thought his/her presented candidates were unsuitable, or suitable.

Never tell your Recruiter that you will only interview when he has enough candidates ie. more than 4. Interview what he presents now. If you wait more than a week you are likely to lose the current slate

Never miss interviews unless it absolutely critical. When you have to reorganize timing, be flexible and show the candidate that this is not how you normally work. Above all pay them the respect they deserve.

Once you have decided that someone is suitable, get an offer to them within a day or two. If you cannot do this, ask why, and take steps to ensure you are ready the next time. HR can support you with standard contracts etc.

Do not allow yourself to be unduly influenced about not hiring someone. On the other hand if everyone agrees act fast, the time for thinking is over.

Communicate with the successful candidate at least 5 times before he comes on board and meet him at least once. This is not HR¡¯s job.

And finally, be there when the candidate arrives for his first day and make sure you have thought through what you will do with him for that first day.

The Responsibilites Of A Recruiter

When you first start recruiting, the world is your oyster. You get the opportunity to help people find jobs, a noble way to earn your bread and one that promises a good living if you work hard.

Making phone calls, meeting with candidates, and finding new ways to uncover resumes is all part of the fun. Most people enjoy taking your calls, and in terms of respectability, most people really do like recruiters. Ask any parent, and the job of recruiter is a very respectable one. You may not be a doctor, but you help people and you make money.

But very soon, the recruiter runs into the hard facts about employment. The control of the process is all in your mind. The real task of recruiting is not finding candidates or finding job orders, but rather making a connection between an employer and a job-seeker. And at the end of the day, working with people is infinitely harder than working with widgets.

After 3 months or so of getting battered and bruised and quite honestly, failing to place people, as many recruiters do, most newbies start to wish for a job that is less sales oriented and more creative. Recruiting is hard work, but it’s not always smart work.

Maybe this is why so many experienced recruiters are jaded. Having seen the employment process up close, they know that is is unpredictable, and that keeping your word is not a valued commodity for hiring managers or jobseekers when their job is on the line.

It’s a results-driven business. If you want to eat, you do what you can to survive, and that hardens you. You can’t afford to let emotion get into your decision-making process, but emotion is exactly the right selling technique you need to be successful.

So the question this leads to are what are your responsibilities as a recruiter? The client pays you, and so perhaps your responsibility lies in helping them? The problem is you have many clients, and so who gets your best effort? How do you manage your time?

And what about the candidate? Surely they are a client, too? But they don’t pay you, and you can’t afford to be their career counselor in any meaningful way, especially when their job is to get a job, not make you money.

There is no single answer to this question – there is no should here that can be defended. There is no “one right way” that protects all parties and leads to a gleaming city on the hill of profit, respectability, and happy clients. Every situation is different, and in the end, everyone gets burned at some time.

So the real question is not, what is your responsibility as a recruiter, but rather, what is your responsibility to yourself.