[thelist] Getting results of on-line employment app to client

the head lemur headlemur at lemurzone.com
Wed Nov 24 19:56:45 CST 2004


> I understand your concern there. Unfortunately, I don't have much sway
> with their personnel policies.   :)

I share your pain, even paranoids have enemies:)


> Yes, I was thinking I would have the form on the secure server. Is there a
> reason why I should limit access to the secure server through a password
> or a captcha?

A couple of issues;

1. webscrapers, filebots, and the rest of the script kiddie toyz floating
around.

2. time to target measurement.
from time that the time limited user/password is is sent from server to time
where the applicant accesses the form, can give the hr department some
valueable information in terms of level of interest/intent.


> This organization's Web hosting company is like none other I've seen. They
> have no admin utility for me to use -- just FTP access. It's a Windows NT
> environment, so every time I want to change file permissions on a file or
> folder, I have to call the tech guy at the Web hosting company and explain
> why I want to make a change. He's a nice guy, but it's a pain. So,
> unfortunately, I doubt any kind of scheduling job will be available to me.

I probably have hosted with a company like that in the past:)



> Sorry to be thick-headed, but sending the application results as a PDF
> attachment to an email would still be a non-secured way of delivering the
> information to the organization, wouldn't it?

  Encryption, SMTP authentication. Not a total answer, but read on.

However all bets are off as I didn't see that the client's server was not at
their location or under their control.

Since they have privacy issues, they need their own server.

Offer to build them one, lease an IP and you are almost good to go. You can
choose your poison in terms of server software, as long as you have
information about server setup to close all non essential services,
transfer the data area, in a non published drive that has a one way
connection to the server, and set up an intranet on a separate box.

PDF has its own issues  as the early readers 3.0 i think, i got a copy on a
harddrive on the shelf somewhere, allowed you to copy stuff and a limited
amount of manipulation.

I used to have to convert pdf print brochures into websites. It was as ugly
as it sounds. Big drop shadows, spinning gifs, and typing 'unprecedented
opportunity' a million times.

Really, build them a server, and when they cry over the cost, send them to
the post office for a bunch of those return receipt document mailers, number
the applications on copy sensitive paper, and use a bonded courier to pick
up the mail.

the head lemur

Interviews: http://www.lemurzone.com/pixelview/
blog: http://theheadlemur.typepad.com/
Community: http://www.evolt.org





More information about the thelist mailing list