Matrix Security Watchdog launches innovative Online Vulnerability Assessment

Share this article:

A new screening service has been launched by Matrix Security Watchdog (MSW) combining the expertise of experienced investigative researchers with intelligent platform capabilities, to comprehensively analyse the threat posed by a candidate’s online and social media activity to both the individual and their prospective employer.

Each check made by the Online Vulnerability Assessment (OVA) is approached from the perspective of a cybercriminal on a mission to compromise a candidate’s personal safety or reputation. It also uncovers evidence of any adverse content that may not necessarily be exploitable, but still presents a risk.

With the benefit of combined manual and automated approaches, OVA investigators are able to identify connections and include wider information into the research process in ways automated solutions may not be able to. For example, investigating web archives, confirming a subject’s prior name through opaque social media connections, or reporting on non-obvious or implied risks.

Furthermore, while many automated solutions restrict research into names, addresses and associations behind further costs, OVA’s inherently dynamic human intelligence-led approach includes such key identifiers and connections by default. Research findings are both summarised into a concise risk score and provided in detail alongside recommendations on how to lessen the risk to the subject where possible. This includes pertinent information that the candidate should seek to remove or make allowances for. OVA is also fully GDPR compliant, sourcing information from publicly accessible resources.

“When any business takes on a new worker, they are gambling that the candidate has no skeletons hiding in their online closet – no potentially embarrassing pictures or guilty secrets that could leave either the individual or the employer vulnerable to coercion, corruption, or public scandal,” explained Susie Thomson, MD at MSW.

“Working in sensitive industries or with classified data increases the risk from attacks such as this – and while social media screening is rapidly becoming the norm for many employers, such checks are intended primarily to protect employers from reputational harm. Equally as important as reputational damage however is the risk posed by information that is available about a person that is not necessarily adverse in any sense, but still creates a risk to that person’s safety which can then be exploited by malicious parties.”

A pharmaceutical company employee, for example, may have a minimal social media presence, mindful that their company could be targeted by activists. They may even have opted out of the edited electoral roll to make it difficult to identify their address. But if they were once a company director, their previous address could be on hand-written Companies House files. The electoral roll at this property may contain the details of their husband, wife or partner. And, if they have not been as careful with their social media activity, it could open the door to information that could put the employee’s entire family in danger. OVAs are designed specifically to uncover this kind of risk, recommending the actions to take to reduce it and prevent individuals from being targeted.

“Although public records and third parties are common sources of personal data, the information that greatly increases risk often stems from human error or is behaviour related, whether on the subject’s part of one of their connection’s,” adds Thomson. “As such, the OVA can also serve to highlight where further information security training may be required rather than rely on passive approaches of requesting the subject to remove or hide data in particular instances.”

Share this article: