How We Keep Your Recruitment Agency Website Secure: Building Trust With A Secure Recruitment Website

We take the security and compliance of your recruitment agency’s website extremely seriously and that starts with the very tools we choose to build your website with, which then transcends into how we maintain your website after it’s been designed, developed and deployed. 

Google Angular Framework

We build your recruitment agency site using Google Angular, which is a front end framework used for a lot of Google's products such as Gmail and YouTube, as well as websites from other major, international businesses such as Forbes, Upwork, Paypal, Standard Bank and thousands more. It’s used to structure your website and is far superior when it comes to security when compared to template website builders or WordPress recruitment websites. Your recruitment website’s front end is then built on top of Google Firebase, Google Hosting and Google Cloud Functions - all backend infrastructure, once again used for a lot of Google’s products as well as thousands of major businesses around the world. 

The Angular framework is a robust and secure web application framework, which has a large team of Google developers constantly working on it, releasing a new version every 6 months! Angular's built-in DOM sanitizer prevents cross-site scripting (XSS) attacks and we update your application and all associated libraries every 6 months to address security patches. We also have a routing module as part of the Angular framework, within your recruitment agency website. This routing module lays down all of the routes (pages) within your website. Now most of these routes are wide open to anyone, pages such as the home page, blogs, contact us, about us, etc will need to be accessed by anyone who visits your website. However we use route guards to protect certain routes such as the create and edit pages and we use "guards" so that only logged in admin users can access these pages, protecting you from any malicious actors trying to create or delete pages on your recruitment website. 

Admin Functionality

We hide admin functionality (create, edit and delete) from the DOM using components such as conditional rendering, which show / hide elements based on user roles and permissions. We also lazy load all modules attached to the content management system, only loading it when an authorised user accesses it. 

Google Firebase

We use services provided by Firebase for user management, authentication and authorisation. This forms the structure for our login functionality with role based access control. For example you may want one super admin user that has access to all pages, all create, edit and delete functionality and you may have one level of access just for consultants, maybe you only want to give them access to the create, edit and delete functionality on the jobs pages. 

Google Cloud

We use Firebase Cloud Functions to ensure your recruitment agency’s website server-side code isn't directly exposed to the internet. Your Cloud Functions update your sitemap when you add or delete pages, allows your contact form to work properly, allows for server side rendering and so much more. These all run in a managed environment protected by Google, minimising vulnerabilities. 

Data

All of your recruitment website’s data, such as blog and job posts, information sent via your contact form, etc. is kept within Firebase Firestore and Firebase Storage and is held in two separate data centres, one in the South of England and one in Belgium. 

Made In The UK

We hand write all of your website’s code ourselves and minimise the number of third-party libraries we use, as opposed to WordPress websites, which rely heavily on plugins, written by other developers and need to be regularly updated to minimise attacks from hackers. 

SSL Certificate

All of our recruitment agency websites are built with a SSL certificate, giving you a HTTPS URL and all data sent between the client browser and the server is fully encrypted. This ensures all communication between the user's browser and your server is fully safe and secure. This is particularly important considering candidates will be sending sensitive information, such as their CV, passport, visa details, etc via your contact form. 

Cookie Consent

We make sure your recruitment firm’s website is fully cookie consent compliant, only leaving tracking and analytical cookies on visitors’ devices when they have accepted cookies. I see so many recruitment agency websites made by competitors who leave their clients in a precarious position, potentially open to fines from the ICO as their cookie consent pop ups and policies breach EU & UK laws. You can check to see if your recruitment firm’s website is UK & EU compliant by typing your home page into 2GDPR.  

Conclusion

We understand that a secure recruitment website is more than just a digital storefront; it's a platform for building trust and fostering relationships. By prioritising security at every stage of development and maintenance, we empower your agency to focus on what you do best – connecting top talent with the right opportunities.

If you’re worried about the security and compliance of your recruitment agency’s website then get in touch for a chat and we’d be happy to advise to see how you can address those security concerns.