In the aftermath of 9-11, and the growing problem of workplace violence, the demand and need for employee background checks and security checks are now greater than ever. Employers are turning to investigative companies in greater numbers to run employee background checks on new job applicants and existing employees, including positions where security may not have previously been given much consideration in the “pre 9-11″ era. Many employers are now requiring security clearances for many non-defense related “high-tech” positions including computer programming. Employee background checks are required by Federal or State law for certain occupations such as jobs working with children, law enforcement, defense contractors, and any Federal employment.

Security clearances

Often, in employee background checks, especially where a security clearance is required, employers may run criminal records checks on the spouse of a job applicant as well and decide not to hire somebody based on their spouse’s criminal record, even if the applicant has a squeaky clean record. In a traditional employee background check, only the applicant or employee is investigated while for a security clearance, the spouse and other family members are investigated as well. This holds true not just for top secret job positions within the US Military, or defense contractors, but now many “high-tech” civilian jobs such as programming as well. Unfortunately in some situations, whom one is married to can determine their employability. A dishonorable discharge from the US Military will automatically eliminate any chances of getting a security clearance.

In an employee background check, some things cannot be reported: Civil lawsuits, judgments older than 7 years, paid tax liens and collections paid after 7 years, bankruptcies older than 10 years. All over information except for criminal convictions older than 7 years. While employers are prohibited from requiring applicants to provide copies of their criminal records, they can obtain this information from other sources such as private agencies or public records.

Criminal histories or “rap sheets” are not public record in every state. In some states such as California, these are only available to certain employers where employee background checks are required by State and/or Federal law such as ie: public utilities, child care services, law enforcement, security companies, defense contractors.

Credit checks

A credit background check is very often part of an employee background check, however employers are required to obtain the employee’s or applicant’s written consent under the Fair Credit Reporting Act, FCRA (15 U.S.C.

President Wilson entered World War I to make the world “Safe for democracy.” The rise of the Fascists and World War II shattered his dream and the hopes of civilization that cataclysmic upheavals could be forever avoided. The long Cold War created a perilous world where major powers jockeyed for control with the threat of weapons that could destroy every living thing on earth. The fear of communism exerting a domino effect on small poverty-stricken countries led to the quagmire of Vietnam and the embarrassment of the Contra affair.

With the demise of the Soviet Union, the world breathed easier, believing that, at last, human efforts could concentrate on growth, space exploration, and scientific advance, rather than pressuring its greatest minds into developing new means of destruction.

Throughout history, there have always been regional conflicts, ethnic discord, and religious clashes. The super powers of each era have eventually stepped in and calmed the storms through diplomacy, cultural pressure, or an armed presence.

Iraq was undoubtedly a crude, cruel, despotic regime under Saddam, killing its own citizens, brutalizing and maltreating its minorities, and rattling defiant sabers at a world that failed to grant it the dignity and respect it felt it deserved. Its value to the world defined primarily by the black gold pooled beneath its deserts, it was one more unsettled region like Rwanda, Liberia, or Somalia. It demanded the same kind of response: unwavering political efforts to assert human rights, economic pressure from the world community and condemnation from its neighbors.

Instead, the greatest superpower in the world shunned continued diplomacy and invaded. The same dream of creating peace and democracy was verbalized at every opportunity. The lessons of unrestrained aggression and ignoring ethnic/religious diversity, first learned centuries ago in ill-fated crusades, were ignored. When you know you’re right, it’s hard to concede that everyone else isn’t wrong.

What have we created — a more unstable, troubled, and violence-prone world; an earth that shudders at the armed convulsions racing across its brittle, fragile surface. As new fires flare across the entire Middle East, we hear rumors that an attack on Iran is in the planning stages. From the world’s model of a democracy forged out of the wilderness and renowned for its desire for peace, prosperity, and humanity, we have become the hated face of the enemy, an imperialistic throwback to the 19th Century. We have become the all-powerful but hated Rome of the ancient world.

Despite its grandeur, Rome fell. Not to another superpower, but to the ceaseless raids of uncivilized savages who used their own brand of violence to defeat a culture that knew only violence to maintain itself and made no effort towards exploring peaceful options.

Are we doomed to repeat the past?

Virginia Bola is a licensed clinical psychologist with deep interests in Social Psychology and politics. She has performed therapeutic services for more than 20 years and has studied the effects of cultural forces and employment on the individual. The author of two interactive workbooks: The Wolf at the Door: An Unemployment Survival Manual and Diet With An Attitude: A Weight Loss Workbook, she also issues a monthly ezine, The Worker’s Edge, and various mini-courses on weight control, she can be reached at her Social Psych Blog drvirginiabola.blogspot.com
as well as at her weight control information site www.DietWithAnAttitude.com/index2.html

At times I laugh when I see companies, banks, educational institutions laying so much emphasis on the deployment of firewalls, anti-virus, server room protection e.t.c.

Yes firewalls, anti-virus are good but without a comprehensive information security program in place all these security technology tools will only provide a false sense of security. When we start thinking about information security, we need to think about security as a system not a single technology.

Let Us take a Hypothetical Scenario

A company has over 5 million clients. It has an e-business website. It has deployed firewalls, anti-virus solutions and other vendor security solutions. It conducts 90% of its business through its e-business website.

A Hacker studied the situation and asked; how do i get at this company?

What is the weakest link in the companies information security model? Why the weakest link? The hacker knew that going through the firewall, the intrusion detector systems would take him time which he was not willingly to spare. The hacker found out through painstaking research and study that the over
5 million customers were the weakest link.

The attack followed;

• A fake website of the company was created.
• E-mails were sent to the company’s over 5 million customers.

The E-mail read.

Dear customer,

We have deployed new security solutions that will help increase the security of conducting business with us through our website. Please kindly enter your contact and billing details, by clicking on this link. www.wilbroser.com/details.html.
Thanks for your cooperation.

Yours faithfully,
Alex Brown
Head of IT

Result of the E-mail

Out of the 5 million customers, 3 million of them clicked the link and reentered their contact and billing details.
The remaining 2 million felt indifferent and didn’t respond to the mail. The credit card information of over 3 million customers was stolen.

Why did the Hacker Target the 5 Million Customers of the Company?

The hacker found out that to commit e-fraud, it will take more effort and time going through the firewall, anti-virus and the other security solutions of the company.

The thought of the weakest link came. The company has never embarked on a security awareness training program for customers. A lot of emphasis has been on staff and security solutions.

The hacker identified the customers as the weakest link. Having identified the weakest link , the attack was launched.

Why Was the Attack Successful?

1. The over 5 million customers. None could tell the difference between a fake copy of the company’s website and the company’s website.

2