• silicon.com
• Management
• CIO Insights

By Chris Holbrook, 22 May 2001 10:00

COMMENT The trust we place in recruitment agencies must be greater than that we place in any other individual or group. Think about it. With more and more roles being outsourced - often for short-term projects and at short notice - these agencies are charged with separating the wheat of the human resources pool from the chaff - the skilled and honest contractors from the cowboys of the temp world. They are clearly doing all they can most of the time, but is it enough? A startling account by a silicon.com reader reveals a less than perfect picture and, more worryingly, it seems agencies aren't the only ones to blame. The temporary worker, who didn't want to be named, said: "The company I was called in to had recently suffered water damage caused by a leak during the night. It was obviously a rush job to get the damaged computer systems back up and running as soon as possible." He went on to describe how within hours of starting work he was given full, unmonitored access to staff passwords, storerooms full of brand new laptops, other vital computer equipment, confidential papers and even access to every single user's email account. He added: "There wasn't even a bag check at the end of the day." What's more, the company he was working for didn't see his CV and the recruitment firm hadn't bothered to check up on his references due to the short notice of the contract. He continued: "Originally I was in a team of around 20 people installing Windows NT software on machines, but I could have put anything on them, even viruses. There just seemed to be no security policies in place." They got lucky on this occasion. He was honest. But they didn't know that. The truly worrying thing is that the company he was working for is a major international financial services group. Mark Hutchinson of specialist security firm Evidian reckons there will always be a problem, as IT employees require standard user privileges to do their job. Hutchinson described the situation above as a "typical knee-jerk reaction that is common and symptomatic of a static security policy and bad management". But what can be done to ensure employment of the right type of people? Nick Butcher from Best Recruitment said the problem is that it is impossible to check everything. If someone wants to act in a malicious way, they will. He said: "My organisation is stringent. We would find out if someone had been sacked from their past two jobs for things like gross misconduct and we wouldn't forward them for jobs." However, he said there are lots of companies out there acting as CV factories and potentially letting anyone loose in the Aladdin's cave of firms' computer systems. He didn't name names. A recruitment industry insider echoed his sentiments but said everyone does CV forwarding to some degree because there is so much competition to get candidates' details over to someone before another agency does. She said: "Unfortunately no-one takes up references for a job they get in one day and have to fill the next, unless the company offering the job demands it, though that isn't common. Contract employment is very different to permanent recruitment which is viewed much more seriously." Evidian's Hutchinson went on to say: "There should always be a management structure in place to monitor contract workers so they can be tracked like a normal worker. Unfortunately, businesses always tend to put lost revenue first and security a distant second. The best security policy is one that is updated regularly, taking into account environmental issues." Our worker on the inside concluded: "You would think security was a massive issue, as the recruitment agency has to win the contract annually. If only the companies knew how these agencies go about matching workers to positions, they probably wouldn't use them." He has since moved on to another post.