Data protection is huge. Gargantuan, in both task and importance. Hackers are simultaneously slipping their dastardly devices into everything from insurance companies to gas pumps to steal your Personal Identifying Information (PII). Or, lone wolfs like Edward Snowden are acting on their own volition to infiltrate sources and do God-knows-what with the data.
Active Screening deals with data on a daily basis. It’s the basis for conducting best-in-class background checks. But we are 100% committed to protecting your PII and have implementedindustry-leading solutions to ensure our client’s online privacy, domestically and overseas.
The man behind the most recent strategies Active Screening employees is Kerry Rydman, Information Technology Manager. In our continuing Department Profile series, we sat down with Kerry to learn more about his team’s efforts in the ever-changing world of data protection.
Active Screening: How did you get started in the background screening industry? What’s your degree in and how did your work experience lead you to this career? How long have you worked at AS?
Kerry: I have worked at Active Screening for one year. I have been in the IT field for more than 15 years. I have filled the duties as a System Administrator, IT Manager, IT Director, as well as run my own IT Support business. I am a veteran of the United States Marine Corps and I hold certifications from Microsoft, Cisco, and others.
AS: What does a manager of Information Technology do? What are your roles and responsibilities? How has this changed in the year you’ve been at Active Screening?
Kerry: My roles and responsibilities are numerous and varied. I am tasked with the IT Infrastructure here at Active Screening. I would say my greatest tasks are security and uptime. We must maintain the most secure environment possible while maintaining the best uptime, and to date, we have done that very well with a nearly 100% uptime. My team is small and highly skilled. We cover both Microsoft and Linux environments, local and cloud. I am also responsible for the normal stuff, like budgeting, future proofing, and other daily necessities.
Active Screening: What is the most interesting aspect of your job? Most difficult? Most exciting?
Kerry: All aspects of my job are interesting and rewarding. I love to come to work! My idea of a well-run IT department is to have to look for stuff to do. I take a very proactive stance toward everything IT related. We don’t like firefighting!
As for the most challenging part, that would be security. It can be very challenging to reach a very high level of security and accountability while maintaining usability. We always seek the best balance possible between securing our customers and supporting our customers.
Active Screening: We write a lot on ActiveCare about protecting Personal Identifying Information and other critical data when performing background checks and assisting candidates through the job application process. What are the biggest challenges to this in 2015? How has this changed since you started in IT? What are some upcoming trends or security measures that might enhance your ability to protect PII in the future?
Kerry: Personal Identifying Information and Payment Card Industry are two very complex topics. To be clear up front, we do NOT disclose our security methods and practices to the public. We DO open our systems to appropriate auditing, from proper personnel. Most recently we did this for the National Association of Professional Background Screeners (NAPBS) who require an on-site audit prior to becoming accredited.
The biggest challenges to securing PII/PCI in the IT industry are cost. A great deal of money must be invested on a regular basis to accomplish this goal, from Service Organization Controls (SOC) compliant data centers, to coding security measures directly into an application, to maintaining a highly skilled staff, all of which are very expensive. I consider myself fortunate to be part of an organization that understands these facts.
The best defense has always been, and still is, educating your employees and customers on the challenges of social engineering, embracing the concepts of Defense in Depth (layered security) at every level possible, then constant monitoring and vigilance by highly skilled staff.
Active Screening: In 2015 we’re focusing a lot on volunteer screening and how Active Screening is helping making that easier for clients. What do you think is the most important thing for volunteer-based organizations to know about volunteer screening and the platforms Active Screening has developed to help them implement this? I’m specifically wondering if volunteer-based organizations and/or non-profits often don’t have the funds or don’t have the staff to implement true IT security. How has Active Screening helped them overcome this challenge?
Kerry: Most organizations don’t have the fiscal ability to afford highly skilled IT staff. Someone who is “good with computers” is NOT good enough! The best thing the volunteer-based organization can do is form strategic alliances with those companies who do! These alliances should be budget conscious but not budget driven.
Get the best partners you can find, that’s what we do! Serve your customers, and yes, volunteers are customers, too.
Thanks, Kerry! We appreciate all the hard work you and your team to protect us and our clients. To catch up on our other Department Profiles, click on these links:
Department Profile: Travis Del Rosal, Research Manager
Compliance 101 with Benton Mobley, Director of Compliance
Who else would you like to hear from? Shoot us a comment below!