Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.2 9/18/84; site uwvax.UUCP
Path: utzoo!linus!philabs!cmcl2!seismo!uwvax!brian
From: brian@uwvax.UUCP (Brian Pinkerton)
Newsgroups: net.unix-wizards
Subject: Re: Security, hackers, computer crime
Message-ID: <90@uwvax.UUCP>
Date: Fri, 28-Dec-84 12:31:42 EST
Article-I.D.: uwvax.90
Posted: Fri Dec 28 12:31:42 1984
Date-Received: Sat, 29-Dec-84 23:27:22 EST
References: <6200037@uokvax.UUCP> <151@sask.UUCP>
Organization: U of Wisconsin CS Dept
Lines: 35

> Just wanted to point out that companies are forbidden by law to do complete
> background checks on people.  Things like Human Rights Commission in Canada
> or the American Civil Liberties group would have a field day in court with
> that!

What would constitute a complete background check?  Here are some of
things I might do if I were in the position of hiring someone for a
security sensitive job.  Are they illegal?

- use references from previous employers to locate and talk to former
  co-workers and managers.  
  
- also, use educational references to find out what the person was like 
  in school.

- run a credit check.  this is apparently pretty easy to do, judging 
  from the recent plethora of news on the subject.

- ask the FBI for hints.  I recently heard a talk given by a local 
  agent who strongly advised that they be consulted, even if just for
  a criminal record check.  They can also provide suggestions on where
  to go for more information. (this sounds like a bloody advertisement!)

There are probably many other things you could do to gain even more
insight into a prospective employee's life (psycological profile,
anyone?).  Such things take time, effort, and connections; I could
sympathise with an employer who wanted to avoid the hassle, but if I
were to give someone root on my corporate/banking/whatever machine I
sure as hell would check them out.

brian
-- 
Brian Pinkerton @ wisconsin
...!{allegra,heurikon,ihnp4,seismo,sfwin,ucbvax,uwm-evax}!uwvax!brian
brian@wisc-rsch.arpa