Select Website 

Recruitment Directory's Blog - Australia's #1 Recruitment Technology Blog!

Previous Page Previous Page  Next Page Next Page

Online Recruitment - Past, Present & Future

Posted By: Thomas Shaw, 7:08pm Monday 06 September 2010    Print Article

Mark Anderson, Senior Director of Enterprise Sales from presents on the topic of Online Recruitment, how it started, where it is now, and where it's going in the future at the HR Florida State Conference & Expo 2010.

Mark gives a quick overview of how the online recruiting landscape has changed at lightening speed over the past few years and where he sees it heading. Although this is a US centric presentation, it will give you a good overview of some international issus affecting online recruitment.

If you don't have the time to listen to the whole presentation (yes, part 4 is missing) some of my key takeaways include
  • Infinite number of job board choices
  • Job board consolidation is happening
  • If you apply (for a job) through social (media) you almost have a better opportunity because the recruiters want it to work so badly that they will probably place the candidate (found) through social ahead of someone found somewhere else.
  • Mobile recruiting is happening now
  • Permission based marketing - get permission now, use it later.
  • Job board SEO will be a constant battle against full time search engine "manipulation" experts
  • Precise candidate targeting
  • Rise of "freemium" and more pay-for-performance models
  • Google could destroy the landscape - job board, ATS, database, SEO, SEM

Article URL:

Article Tags: online recruitment mark anderson job boards social media social recruitment hr florida mobile recruiting future of job boards mobile applications job board seo recruitment marketing google

Comments View Comments (0)

Opportunities and Challenges post the GFC and in preparation for environmental changes

Posted By: Thomas Shaw, 6:25pm Monday 06 September 2010    Print Article

One of the most talked about topics among recruiters since the RCSA Conference last week has been Matthew Tukaki's presentation titled "Opportunities and Challenges post the GFC and in preparation for environmental changes".

For those who missed his presentation, you can read the Shortlist article titled "Recruitment industry facing new competition from all sides" and also enjoy his presentation slides below.

One of my favorite quotes from Matthew was "job boards and other vendors that enabled employers to take care of their staffing themselves meant recruiters faced an uphill battle to convince clients of the industry’s unique sales proposition all over again". We will see this become more evident with both SEEK and CareerOne releasing candidate resume databases and applicant matching tools.

Article URL:

Article Tags: rcsa confereence matthew tukaki green jobs recruitment presentation job boards

Comments View Comments (0)

Stand out from the crowd - Using Embedded Objects in Job Ads

Posted By: Thomas Shaw, 2:30pm Tuesday 17 August 2010    Print Article

Have you ever wanted to add a video, slideshare presentation, a chat room or some other 3rd party media objects into your job ads? Nearly all job board software restricts the advertiser from placing HTML embedded code into job ads. So, wouldn't it be cool if you can just paste a URL and it automatically creates the embedded object without having the user copy and paste the code?

Have a look at an example I created. A standard job ad with links to 3rd party content, and a solution embedding the 3rd party content into the job ad.

Try this... Copy and paste a YouTube video URL into your LinkedIn status box. Wait a few seconds and it will automatically fetch the content.

It was late 2007 when SEEK added the ability for advertisers to add YouTube videos into job ads. Shortly after a number of other job boards added the YouTube functionality into their system.

Fast forward to 2010, and still job boards continue to restrict the creativity for advertisers to add dynamic content into their job ads.
  • You are restricted to only having 1 video
  • You are restricted to only using a YouTube video
  • You are restricted as to where you place the video in your job ad
You may have viewed web pages that have movies or animations that display within a portion of a Web page rather than in a separate application. Animation, audio, video, or other media that is displayed within a webpage is known as embedded objects.

Embedded objects allows the delivery of an integrated multimedia experience that appears seamless to the user. It is as easy as cutting and pasting blocks of code. Except, nearly all recruiters and advertisers I speak with have no idea about this. Actually, neither do most job boards!

oEmbed is a format for allowing an embedded representation of a URL on third party sites. The simple API allows a website to display embedded content (such as photos or videos) when a user posts a link to that resource, without having to parse the resource directly.

oohEmbed is an oEmbed compatible provider of HTML embed codes for various web sites.

If you have used Facebook or tried the LinkedIn example... chances are you have used the oembed script.

Technically, the LinkedIn and Facebook example use some sort of oEmbed functionality to process the embed request.
  1. The user pastes in a URL at which content is hosted.
  2. The system checks that URL to find the address of its oEmbed API via a LINK element in the document's HEAD. This step could be cached as the API location is unlikely to change often.
  3. The system does a GET to the oEmbed API, essentially asking "what is the content for this URL"?
  4. The system gets a JSON or XML response containing structured metadata for the item.
  5. The system formats the data however it deems appropriate.
oEmbed and oohEmbed scripts have been around for a while. But there are so many different websites offering embed scripts it's just too hard to keep up your own library.

Here is the solution. There is a new site called which has integrated with over 100+ different 3rd party content sites. With the number of sites supports and the speed in which we add them it becomes difficult for code libraries to keep up a regular expression of all the URLs supports.

The script allows you to limit the different types of media objects. In this example, I have only allowed YouTube, UStream,, Hulu, Vimeo, Slideshare & Scribe URLs to be automatically embedded.

All the advertiser needs to do is paste the URL anywhere in the job ad and the script will do the rest for you.


<script type="text/javascript" src=""></script> <script type="text/javascript"> var embedly_maxWidth = 400; var embedly_maxHeight = 400; var embedly_urlRe = /http:\/\/(.*youtube\.com\/watch.*|.*\.youtube\.com\/v\/.*|youtu\.be\ /.*|.*\.youtube\.com\/user\/.*#.*|.*\.youtube\.com\/.*#.*\/.*|www\.ustream\.tv\ /recorded\/.*|www\.ustream\.tv\/channel\/.*|blip\.tv\/file\/.*|.*\.blip\.tv\ /file\/.*|www\.hulu\.com\/watch.*|www\.hulu\.com\/w\/.*|hulu\.com\ /watch.*|hulu\.com\/w\/.*|www\.vimeo\.com\/groups\/.*\/videos\/.*|www\.vimeo\.com\ /.*|vimeo\.com\/groups\/.*\/videos\/.*|vimeo\.com\/.*|www\.slideshare\.net\/.*\ /.*|.*\.scribd\.com\/doc\/.*)/i var embedly_method = 'replace'; var embedly_wrapElement = 'div'; var embedly_className = 'embed'; var embedly_addImageStyles = true; var embedly_cssSelector = 'a'; var embedly_not_cssSelector = 'a.noembed'; </script>

Article URL:

Article Tags: oembed embedly api using video in recruitment video job ads job board online recruitment youtube media objects rich media regular expressions slideshare

Comments View Comments (0)

IT Video Resume - Killa Appz

Posted By: Thomas Shaw, 4:33pm Monday 09 August 2010    Print Article

Dave Berzack, a freelance web developer, created this music video about web development. He raps along to the paper planes track about his skills to pay the bills. Certainly stands out amongst a pile of CV’s. There’s not much else I can add to this... Just watch the video!

Article URL:

Article Tags: using video in recruitment video cv youtube dave berzack web development rap song candidate video resume

Comments View Comments (3)

OWASP Top 10 and your Recruitment Website - Part 1

Posted By: Dmitry Kulshitsky, 8:30am Monday 09 August 2010    Print Article

OWASP has recently updated their list of the top 10 most prevalent security vulnerabilities. Since this list covers all major aspects of computer security it is interesting to check what are the issues that are relevant to a typical recruitment website or job board and (exercising the 80/20 rule) what are the key questions we should ask ourselves (or our IT/security staff) to be sure that we don't miss anything critical.

The recommendations below are just for your reference and are not meant to replace a proper security audit process, but they are a good place to start the conversation about the state of security of your website.

A1 – Injection
  • Relevance: High
  • Impact: Severe
The first thing that comes to mind here is SQL injection, which we have covered before. But make no mistake – this class of vulnerabilities includes all types of injections not just SQL (e.g. LDAP, shell command, XPath etc). A typical developer will probably be aware of SQL injections but not about other ones.

OWASP puts injections at the top of the list. Recruitment websites and job boards contain sensitive data (e.g. usernames, passwords, resumes, addresses, phone numbers etc), so it should come as no surprise that the relevance is set to high.

Questions to ask:
  • Do we test our web site for injection flaws as part of the QA process?
  • Have we performed any automated/manual scans recently to identify these flaws?
  • Do we validate data both on client and server sides? Do we check for parameter lengths? Failure to do this will most likely to lead to injection flaws.
  • Do we use dynamic SQL queries? Strongly consider banning them. Use parameterised queries/stored procedures instead.
Quick tests to perform:
  • How does our site handle input from this list?
  • As a bare minimum - how does our site handle input that consists of:
    - a single apostrophe (covering at least the most commonly used enterable fields – e.g. keywords)? Do I get any error messages?
    - a closing bracket: )
  • If your web site uses numeric Job IDs, Resumes IDs, User IDs etc  – what happens if you append an apostrophe to one of these IDs: http://yourrecruitmentwebsite/showjob.php?jobid=123’

A2 – Cross-Site Scripting (XSS)
  • Relevance: High
  • Impact: Moderate
We have covered cross-site scripting (XSS) before. For recruitment websites and job boards there are 2 relevant major issues that may arise:
  1. Stealing cookies – this will allow an attacker to impersonate your clients and login to their accounts
  2. Embedding unauthorised HTML/JavaScript/frames. See previous article on hidden iframe injections
Questions to ask:
  • Do we test our web site for cross-site scripting flaws as part of the QA process?
  • Have we performed any automated/manual scans recently to identify these flaws?
  • Do we validate data both on client and server sides? Do we check for parameter lengths?
Quick test to perform:
  • How does our site handle input from this list?
  • As a bare minimum - how does our site handle this input:
    - a single backslash: \
    - this string: “><script>alert(123);</script>
    - this string: ‘;alert(123);//

A3 – Broken Authentication and Session Management

Relevance: Medium-High
Impact: Usually Severe

A typical recruitment website or job board has a login function for job seekers and advertisers. If authentication and/or session management mechanisms are broken, this could result in attackers getting access to your clients’ accounts.

Questions to ask:
  • Have we implemented our own authentication or session management mechanisms? If you have – you have probably done it wrong.
  • Do we store passwords in clear text? Passwords should be stored in hashed or encrypted format to prevent unauthorised access to password information
  • Do we have a “password reminder” feature? How is it implemented?
  • When a user clicks logout – what happens to the session? Session information should be deleted or rendered not reusable.
  • How does our session ID look like? Do not use consecutive integer values – they are very easy to guess/predict.
  • Have we implemented a session timeout feature? The session should timeout after a certain period of inactivity.
  • How do we send usernames/passwords and authentication cookies? Ideally you should be transferring them via HTTPS (secure communication)
  • Do we use “secure” and “HttpOnly“ flags for session cookies? While not compulsory this is a recommended practice.
  • Do we verify that the user is authenticated and has proper permissions in every step of a multistep process? Failure to do so may allow an attacker to bypass the authorisation mechanisms and access information that belongs to other users or restricted areas of the web site.

Guest blog post by Dmitry Kulshitsky, Security Architect at SEEK.

Article URL:

Article Tags: dmitry kulshitsky security recruitment website job board owasp sql injection xss cross-site scripting broken authentication session management login form design hacking website security user authentication

Comments View Comments (2)

Data Applications and Infrastructure at LinkedIn

Posted By: Thomas Shaw, 8:30am Friday 06 August 2010    Print Article

At a recent presentation by Jay Kreps of LinkedIn at the Hadoop Sumit 2010. Jay describes how LinkedIn crunches 120 billion relationships per day and blends large scale data computation with high volume, low latency site serving.

The Search, Network, and Analytics (SNA) team at LinkedIn works on LinkedIn's information retrieval systems, the social graph system, data driven features, and supporting data infrastructure. The system uses a number of open source software products such as
  • Apache Hadoop - framework for running applications on large clusters of commodity hardware.
  • Zoie - Faceted search
  • Bobo - Real-time search indexing
  • Decomposer - Very large matrix decomposition routines
  • Norbert - Partition aware cluster management & RPC
  • Voldermort - Key/Value storage
  • Kamikaze - Compression package
  • Sensei - Distributed realtime search
  • Azkaban - Hadoop workflow

Article URL:

Article Tags: linkedin linkedin infrastructure data management database hadoop zoie bobo decomposer norbert voldermort kamikaze sensei azkaban apache data warehousing open source software

Comments View Comments (0)

How to confuse a job seeker - Part 2

Posted By: Thomas Shaw, 2:25pm Monday 02 August 2010    Print Article

Following on from our previous article on How to confuse a job seeker...

Step 1. Create a complex and "unique" classification list
Step 2. Expect the job seeker to select the correct item from the list

Article URL:

Article Tags: classification structure job board online recruitment form design

Comments View Comments (0)

2010 Email Marketing Benchmark Report - HR/Recruitment Sector

Posted By: Thomas Shaw, 1:46pm Monday 02 August 2010    Print Article

The latest 2010 UK Email Marketing Benchmark Report (Q1 & 2) analysed over 200 million email marketing messages sent through their online marketing platform in the 6 months from 1st January - 30th June 2010. The breakdown of statistics by sector did not paint a very flattering picture for the HR/Recruitment industry.

HR/Recruitment on first glance has taken a hammering, seeing click-to-open rate drop from 21.70% to 3.51%. Such a massive decline deserved some investigation - what we found was exactly what we mentioned above - the majority of these campaigns have switched to detailing all of the required information in the body of the email and soliciting responses by email rather than through a website.

  • Open rate: 17.98%
  • Click-through rate: 3.56%
  • Unsubscription rate: 0.20%
HR/Recruitment Sector
  • Open rate: 18.55%
  • Click-through rate: 0.65%
  • Unsubscription rate: 0.22%

The chart below gives us a good indication of the level of engagement that the email campaigns themselves generate, by looking at the proportion of people who click on a campaign after opening it. Where the aim of a campaign isn’t to generate a click to a landing page (in the case of informational emails or those designed to elicit a response by email) this isn’t a good measure but for most industries it’s a very good way to compare engagement.

Article URL:

Article Tags: email marketing uk email marketing benchmark report statistics email metrics email open rates

Comments View Comments (1)

Australian Job Board Statistics - August 2010

Posted By: Thomas Shaw, 9:00am Sunday 01 August 2010    Print Article

Australian Job Board Statistics measuring the total unique browsers during August 2010. Data source - Nielsen NetRatings. SEEK 4.165m, CareerOne 1.652m, MyCareer 1.371m

Article URL:

Article Tags: job board mycareer careerone august 2010 job board report job board statistics seek nielsen netratings

Comments View Comments (0)

Plan for the worst

Posted By: Thomas Shaw, 6:37pm Wednesday 28 July 2010    Print Article

It's every business owner’s worst nightmare - What would happen if we lost all our data? Goodbye thousands of candidate records. Goodbye client lists and financial information. Instead of pointing the finger and blaming someone else, do you have plans in place to backup your data in the first place?

  • Don't count on anyone else to back your data up for you. It's YOUR data!
  • Make backing up a part of your normal daily and weekly activities
  • Look for ways to export your data to an open format, such as XML or a comma-separated text file (CSV), so YOU have a choice of other platforms to turn to if the worst happens.
With persistent rumors about a recruitment software vendors "going concern". I thought it would be a good time to list a few questions you should ask your vendor
  • Where is my data stored?
  • How often is the system backed up?
  • Can the system provide me the ability to export data?
  • Have you tested your backup retrieval files?
  • How fast can you roll back a previous backup?
If you don't have a backup plan already, here are some old tips from Microsoft. It takes time to create and implement a backup and recovery plan. You'll need to figure out what data needs to be backed up, how often the data should be backed up, and more. To help you create a plan, consider the following:
  • How important is the data on your systems? The importance of data can go a long way in helping you determine if you need to back it up—as well as when and how it should be backed up. For critical data, such as a database, you'll want to have redundant backup sets that extend back for several backup periods. For less important data, such as daily user files, you won't need such an elaborate backup plan, but you'll need to back up the data regularly and ensure that the data can be recovered easily.
  • What type of information does the data contain? Data that doesn't seem important to you may be very important to someone else. Thus, the type of information the data contains can help you determine if you need to back up the data—as well as when and how the data should be backed up.
  • How often does the data change? The frequency of change can affect your decision on how often the data should be backed up. For example, data that changes daily should be backed up daily.
  • How quickly do you need to recover the data? Time is an important factor in creating a backup plan. For critical systems, you may need to get back online swiftly. To do this, you may need to alter your backup plan.
  • Do you have the equipment to perform backups? You must have backup hardware to perform backups. To perform timely backups, you may need several backup devices and several sets of backup media. Backup hardware includes tape drives, optical drives, and removable disk drives. Generally, tape drives are less expensive but slower than other types of drives.

  • Who will be responsible for the backup and recovery plan? Ideally, someone should be a primary contact for the organization's backup and recovery plan. This person may also be responsible for performing the actual backup and recovery of data.
  • What is the best time to schedule backups? Scheduling backups when system use is as low as possible will speed the backup process. However, you can't always schedule backups for off-peak hours. So you'll need to carefully plan when key system data is backed up.
  • Do you need to store backups off-site? Storing copies of backup tapes off-site is essential to recovering your systems in the case of a natural disaster. In your off-site storage location, you should also include copies of the software you may need to install to reestablish operational systems.

Article URL:

Article Tags: recruitment technology data storage website hosting recruitment website recruitment database backup plan recruitment vendors

Comments View Comments (2)

Previous Page Previous Page  Next Page Next Page

Random Blog Articles

Use of Google Maps in a Job Search
Published: 1:12am Friday 10 July 2009

All I want for Christmas are some funny job ads
Published: 7:30am Monday 13 December 2010

No one wants to follow your Recruitment Agency on Twitter
Published: 10:00pm Thursday 08 October 2009

Adlogic Webservice API
Published: 7:30am Monday 01 November 2010

CareerOne Power Search
Published: 9:24pm Sunday 31 October 2010