How secure is your recruiting email?

Confidential Communication

Secure communication and data storage are essential for any organization. As a recruiter, securing your client and candidate data as well as your private communications with them is a necessity. When your email app, such as Outlook, your smartphone, or your recruiting CRM, connects to your mail account provider, that data must be transmitted securely.

Imagine sending a postcard with private details written on the back; anyone could read it along the way. Email encryption acts like a digital envelope, scrambling information so that only the intended recipient with the right key can understand it. The default IMAP (Internet Message Access Protocol) Port 143 is not secure, but fortunately most configurations use the secured Port 993 instead.

When using IMAP on Port 993, SLL (“Secure Sockets Layer”) is added, encrypting the content and keeping your info protected during transmission. However, this doesn’t account for your email login credentials also being encrypted, which is where TLS (“Transport Layer Security”) comes in. By using IMAP over SSL with TLS, both the email content and login vulnerabilities are mitigated.

New vs. Old Methods

Some major email providers have introduced dedicated mail APIs. These new methods allow developers to connect directly to the provider through code, leaving the actual mail sending to the provider. While this can be a plus, the use of IMAP with SSL/TLS retains some major advantages worth highlighting:

IMAPS/TLS is a platform-independent, standards-based architecture. This means it can be used with any email provider, whether that’s a ‘big tech’ provider like Gmail or an independent mail system. By supporting IMAPS/TLS, a software offers the widest range of email server support possible.
It is a “battle-tested” protocol, with an extensive history of security and reliability. Decades of testing and refinement mean minimal risk of exploits thanks to a mature codebase and continuous security updates and improvements.
Because this method is, unlike APIs, non-proprietary and unlikely to differ between email providers, it can offer reduced integration costs, lower maintenance overhead, and longer-term stability.

Prioritizing Security Beyond Email

PCRecruiter prioritizes the security of customer data by using IMAP with SSL/TLS encryption to ensure that all recruiting communications are protected from unauthorized access. In addition to encryption, PCRecruiter employs other important security measures:

OAuth 2.0 authentication framework
This modern framework provides precise control over who can access your information, eliminating the need to store sensitive credentials and ensuring seamless integration with enterprise identity providers. Think of this as adding a security guard who verifies the identity of anyone trying to access your information.
Secure credential management
PCRecruiter uses strong encryption for stored credentials and follows industry best practices for protecting sensitive data. This is like storing your valuable information in a vault with multiple layers of security.
SOC 2 Compliance
PCRecruiter has successfully completed a comprehensive independent Service Organization Control (SOC 2) audit, which demonstrates our commitment to meeting industry security standards. The SOC 2 audit has confirmed that we have strong security controls in place to protect your sensitive information.
Regular Security Assessments and Updates
Our internal security team continually tests and upgrades software, hardware, and systems to make sure our customers and their customers have the assurance of safety.

While absolute cybersecurity is impossible for any provider to guarantee, PCRecruiter’s use of IMAPS/TLS and SOC 2 compliance demonstrates their dedication to protecting customer data using industry-leading security measures and best practices. We strive to keep your information as secure as possible.