Reference Reports and Initial Assessment in a Start-Up Company
Stanley Jausneister owns a small high-tech start-up company called BioServer-Systems (BSS). Stanley’s company specializes in selling web server space to clients. The server space that Stanley markets runs from a network of personal computers. This networked configuration allows BSS to manage its server space more efficiently and provides greater flexibility to its customers, who often want weekly or even daily updates of their websites. The other innovation Stanley brought to BSS is special security encryption software protocols that make the BSS server space nearly impossible for hackers to access. This flexibility is particularly attractive to organizations that need to manage large, security-protected databases with multiple points of access. Stanley has even been contacted by the government, which is interested in using BSS’s systems for some of its classified intelligence.
Due to its niche, BSS has experienced rapid growth. In the past year, BSS hired 12 programmers and 2 marketers, as well as a general manager, an HR manager, and other support personnel. Before starting BSS, Stanley was a manager with a large pharmaceutical firm. Because of his industry connections, most of BSS’s business has been with drug and chemical companies.
Yesterday, Stanley received a phone call from Lee Rogers, head of biotechnology for Mercelle-Poulet, one of BSS’s largest customers. Lee is an old friend, and he was one of BSS’s first customers. Lee had called to express concern about BSS’s security. One area of Mercelle-Poulet’s biotech division is responsible for research and development on vaccines for various bioterrorist weapons such as anthrax and the plague. Because the research and development on these vaccines require the company to develop cultures of the biological weapons themselves, Lee has used BSS to house information for this area. A great deal of sensitive information is housed on BSS’s servers, including in some cases the formulas used in developing the cultures.
Despite the sensitivity of the information on BSS’s servers, given BSS’s advanced software, Stanley was very surprised to hear Lee’s concern about security. “It’s not your software that worries me,” Lee commented, “it’s the people running it.” Lee explained that last week a Mercelle-Poulet researcher was arrested for attempting to sell certain cultures to an overseas client. This individual had been dismissed from a previous pharmaceutical company for unethical behavior, but this information did not surface during the individual’s background check. This incident not only caused Lee to reexamine Mercelle-Poulet’s background checks, but also made him think of BSS, as certain BSS employees have access to Mercelle-Poulet’s information.
Instantly after hearing Lee’s concern, Stanley realized he had a problem. Like many small employers, BSS did not do thorough background checks on its employees. It assumed that the information provided on the application was accurate and generally only called the applicant’s previous employer (often with ineffective results). Stanley realized he needed to do more, not only to keep Lee’s business but also to protect his company and customers.
- What sort of background testing should BSS conduct on its applicants?
- Is there any information BSS should avoid obtaining for legal or EEO reasons?
- How can BSS know that its background testing programs are effective?
- In the past, BSS has used the following initial assessment methods: application blank, interviews with Stanley and other BSS managers, and a follow-up with the applicant’s former employer. Beyond changes to its background testing program, would you suggest any other alterations to BSS’s initial assessment process?