by srazzaque 1343 days ago
> They have some hokey secure email thing that is basically a link to a webform upload.

Not Equifax per se, but my understanding from dealing with background checking companies is that this pattern is to discourage people from sending sensitive information over email. 99% of people won't have a clue about how to encrypt email, nor will they think twice about sending an unencrypted attachment. Whereas a sanely coded web portal can enforce this.

The irony here is that it's done for "security". But if the app itself has an unpatched vulnerability...

PS: I once did try sending an encrypted PDF to such a company, and instructed them to phone me for the password. This was apparently way over the heads of the person assigned to my case.


> instructed them to phone me for the password. This was apparently way over the heads of the person assigned to my case.

They probably knew exactly how to make a phone call, but the company may not have provided them with a means to do so.

And no, "Just use your personal phone" isn't an answer. I keep my personal stuff and my work stuff strictly separate from each other. If my company wants me to do something business-related, they provide me with all of the equipment and services necessary for me to do it, or it doesn't get done, plain and simple. When I'm out of the office after hours or on vacation, I'm not working. So no way in hell some random client is going to get my personal contact information via caller ID.

I see your point, and that is indeed the case in some companies (or even roles within companies). I also advocate for keeping a separate work/personal phone.

However, being a background checking company, making phone calls is absolutely in their BAU remit. Upon submission of documents, they even state in their automated email response that they may call you for further information. Plus, they regularly call companies to verify employment information.

I got the distinct impression that they have a certain process, and they pay certain ranks not very much to simply follow that process. Any minor deviation from that playbook needs to be handled by a "senior", who is "empowered" to think and handle things like a regular human.

Yes, this pattern is far better than attaching passport_scan.pdf over email! I used to send links to a fileshare that is password protected (hooray pcloud!), but it seems like most companies have really locked down that avenue of sharing (understandably so).
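The pattern behind srazzaque's encrypted-PDF-plus-phone-call and the password-protected fileshare above is the same: the document travels over an untrusted channel, and the only secret (the password) travels over a different one. The block below is an added illustration of that envelope, not code from the thread or from any of the companies discussed. It assumes the pyca `cryptography` package, a hypothetical envelope format tag `PWENV1` of my own choosing, and scrypt cost parameters picked for interactive use; the password is turned into an AES-256-GCM key with scrypt, the filename is bound in as associated data, and a wrong password, wrong filename or flipped byte is reported as failure rather than garbage plaintext.

```python
"""Password-protected document envelope: scrypt + AES-256-GCM.

Added example for illustration only (not from the HN thread).
Requires the pyca `cryptography` package.
Envelope layout (assumed format, not a standard): MAGIC || salt || nonce || ciphertext+tag
The password itself never appears in the envelope; it goes by phone.
"""
import os
from typing import Optional

from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives.ciphers.aead import AESGCM
from cryptography.hazmat.primitives.kdf.scrypt import Scrypt

MAGIC = b"PWENV1"   # hypothetical format tag chosen for this example
SALT_LEN = 16       # per-envelope scrypt salt
NONCE_LEN = 12      # standard GCM nonce size
TAG_LEN = 16        # GCM authentication tag size
# scrypt cost: n=2**15, r=8 uses ~32 MiB and tens of ms per guess (assumed setting)
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2 ** 15, 8, 1


def _derive_key(password: str, salt: bytes) -> bytes:
    """Stretch the phoned-in password into a 256-bit AES key."""
    kdf = Scrypt(salt=salt, length=32, n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P)
    return kdf.derive(password.encode("utf-8"))


def seal(document: bytes, password: str, filename: str) -> bytes:
    """Encrypt `document` under `password`; `filename` is bound as associated data."""
    salt = os.urandom(SALT_LEN)
    nonce = os.urandom(NONCE_LEN)
    key = _derive_key(password, salt)
    ciphertext = AESGCM(key).encrypt(nonce, document, filename.encode("utf-8"))
    return MAGIC + salt + nonce + ciphertext


def open_envelope(envelope: bytes, password: str, filename: str) -> Optional[bytes]:
    """Return the plaintext, or None if the password, filename or envelope is wrong."""
    min_len = len(MAGIC) + SALT_LEN + NONCE_LEN + TAG_LEN
    if not envelope.startswith(MAGIC) or len(envelope) < min_len:
        return None
    off = len(MAGIC)
    salt = envelope[off:off + SALT_LEN]
    off += SALT_LEN
    nonce = envelope[off:off + NONCE_LEN]
    off += NONCE_LEN
    ciphertext = envelope[off:]
    key = _derive_key(password, salt)
    try:
        # GCM verifies the tag before releasing any plaintext; tampering -> InvalidTag
        return AESGCM(key).decrypt(nonce, ciphertext, filename.encode("utf-8"))
    except InvalidTag:
        return None


if __name__ == "__main__":
    # Constructed sample input standing in for a real scan.
    scan = b"%PDF-1.4 constructed sample passport scan"
    env = seal(scan, "correct horse battery staple", "passport_scan.pdf")
    print("sealed", len(env), "bytes; password not in envelope:",
          b"correct horse" not in env)
    print("correct password:", open_envelope(env, "correct horse battery staple",
                                             "passport_scan.pdf") == scan)
    print("wrong password:", open_envelope(env, "hunter2", "passport_scan.pdf"))
```

Two practical notes. The salt and nonce are generated fresh per envelope and shipped in the clear, so the same password can safely protect several documents; and because the filename is authenticated, a recipient who renames or swaps attachments gets a clean failure instead of the wrong file decrypting silently. The weak point is the password's own entropy, since the envelope can be brute-forced offline by anyone who intercepts it, which is why the scrypt cost is set as high as a phone-call workflow tolerates.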