When recruiting personnel to work in roles dealing with cyber security, such as IT, data roles and telecommunications, it’s natural for the recruitment team within the department and the HR team to seek out the best person for the job.
This will include experience and qualifications, and it will also be key to ensure that your new recruit is a best fit for your company, able to work well within the wider team around them and allowed to become an asset to your brand.
However, when recruiting for roles that where employees will work with or near sensitive data, it’s essential to ensure that your candidates can be trusted. But how can you work out a candidate’s trustworthiness? How can you ensure that a cyber attack doesn’t compromise your cyber security?
Why do data roles require vetting?
Any company or organisation, whether a public or private body, needs to be able to trust their employees with sensitive data. While this will not include classified information, sensitive data can still be extremely useful and powerful in the wrong hands.
Are cyber attacks increasing?
It feels as if we are increasingly frequently hearing news stories about data attacks. In 2024, supermarket systems have been brought to a standstill and systems have been hacked to access sensitive and personal data in ransomware attacks.
Attacks are on the increase, with DIGIT, Scotland’s leading technology media, stating that there has been a 30% in attacks in 2024 globally, in Q1 alone.
Ransomware attacks are also on the rise, with attacks that involve public extortion growing – especially in manufacturing, healthcare, communications and the utilities sector. In cryptocurrency attacks, over $1.1 billion worth of cryptocurrency was lost through Web3 cybersecurity incidents in the first 6 months of the year.
Could this happen to any business? Absolutely. The UK Government Cyber Security Breaches Survey specifies that 50% of UK businesses had suffered a cyber attack or security breach in the previous 12 months.
The reasons behind these attacks include increased identity theft on social media, hackers employing social engineering to find targets and attacks on supply chains.
Simply put, many companies are not taking cyber security seriously enough.
How does a BPSS check increase cyber security?
The simple answer is that it doesn’t impact your IT systems. In terms of data security, there are no quick or easy fixes but, if the worst does happen, employers and organisations need to be able to rule out deliberate and malicious employee actions as the root cause of the attack or the breach. This is where a BPSS check can support your cyber security.
A BPSS is a good indication that individuals can be trusted with sensitive information –whether it is personal data or systems processes – and that they do not pose a security threat to your organisation.
BPSS Checks for Sensitive Roles
BPSS checks allow you to assess the honesty and integrity of a potential employee based on an approved UK Government framework that goes beyond the traditional interview and reference process.
What is a BPSS Check?
A BPSS check (Baseline Personnel Security Standard) is a legal requirement for pre-employment screening of employees that may have access to sensitive data and information. BPSS screening is also a pre-requisite for employees that may have access to government assets.
When did BPSS checks become a legal requirement?
BPSS checks became a legal requirement in the UK in 2006 and was implemented by the UK government as a minimum screening standard for anyone that works with sensitive data in any role, or employees that work for the government or contractors that work on behalf of the UK Government.
‘When do I run a BPSS check?’
A BPSS is undertaken by the employer once an offer of employment has been made to the candidate. Traditionally, at this point, the offer may have been made subject to references. With BPSS checks, it is likely that the offer is made subject to BPSS clearance.
How does a BPSS check work?
BPSS checks delve deeper into the candidate’s background to understand if they are the ‘right’ person to work with sensitive and/or government data.
If you are a contractor working to secure a government contract, you will have to undertake a BPSS check.
Often, securing BPSS clearance before an offer of employment or a contract can be a nerve-wracking time for the candidate – and slow up HR processes dramatically.
To reduce paperwork and accelerate processing times, without compromising on security levels, we offer the BPSS check online. This means that employers and HR departments have access to our online BPSS check portal, where you can track your check through the system and monitor timelines. At Checkback, we’re targeting a 5-10 day turnaround for online BPSS checks.
What’s included in a BPSS check online?
A BPSS check is made up of 4 separate elements. They can be easily remembered as they form the acronym – RICE.
- Right to work – Includes a nationality and immigration status and queries the entitlement to undertake any form of employment in the UK
- Identity – Complete ID Data check
- Criminal Records – A Basic DBS check, which includes a search for unspent convictions only.
- Employment history check – Check of previous 3 years’ employment minimum, which can be extended to 5 years with a Checkback BPSS check. Candidates must disclose any periods of cumulative 6 months or more spent abroad in the previous 3 years.
How much is a BPSS check?
The cost of an individual’s BPSS check will depend on whether or not they need to undertake a DBS check as part of the BPSS. While a Basic DBS is required to satisfy the BPSS check criteria, individuals may already have a valid Basic DBS check.
At Checkback, we have a team of highly experienced employment screening specialists. They are on hand to answer any questions that you may have and will be able to advise on what screening each of your candidates need.
We also know how important it is to onboard the right person for the role, and we work diligently to turn BPSS checks round as quickly as possible – which will let you secure your best fit professional at speed.
Talk to a BPSS screening specialist today.