‍

In late December 2024, the career chapter of 144,189 individuals took an unexpected turn. A ransomware group known as RansomHub infiltrated a franchised office of Manpower in Lansing, Michigan, remaining undetected for nearly two weeks. 

By the time the breach was discovered in January and disclosed to the public by July 28, the attackers had exfiltrated around 500 GB of data: passport scans, Social Security numbers, addresses, medical records, financial statements, even NDAs and internal HR analytics. 

The outcome was a nightmare:

• Identity theft risk for affected individuals.
  
• Emergency credit monitoring and identity protection through Equifax.
  
• A scramble to fortify defenses and involve the FBI.
  
  

This wasn’t just a technical failure…it was a massive breach of trust! 

For staffing and consulting firms, whose core business revolves around handling deeply personal and corporate-sensitive information, this incident serves as both a cautionary tale and a call to action.

Enter Kasm: The isolated workspace that secures PII

What if you could give recruiters and consultants secure desktops, fully contained environments for every session? That’s Kasm Workspaces in a nutshell. 

Built on Docker-powered containers, Kasm streams virtual desktops and browsers securely through the web: no client install, no direct access to endpoint devices or internal networks.

Security boundaries that matter

In the Manpower scenario, attackers moved laterally through networked systems, stealing troves of sensitive files. Kasm fundamentally cuts that off:

• No direct connection from the user endpoint to internal systems.
  
• All activity runs in containers; when sessions close, environments vanish.
  
• Policy controls limit upload/download, clipboard usage, and data retention.
  
  

Imagine recruiters reviewing passports or SSNs: instead of accessing them on a laptop that may already be compromised, they work inside a temporary, locked-down workspace. Once they’re done, Kasm deletes any residual traces.

A day with Kasm: How it could have mitigated Manpower’s breach

Picture Sarah, a consultant at a staffing firm:

1. Morning briefing: She logs into a zero-trust browser via Kasm: no history, no cookies, no risk to her device.
   
2. Client work: She accesses sensitive files (passport scans, IDs, financial data) through secure, encrypted containers.
   
3. File control: Company policies disable clipboard copying and external file downloads, preventing accidental or intentional exfiltration.
   
4. End of day: Sarah ends her session. The container is destroyed, no leftover files, no open connections.
   
   

If ransomware had hit the corporate LAN, there’d be nothing to encrypt or steal from her container, because it’s isolated and ephemeral.

Why it works: Five pillars of Kasm’s security model

1. Isolation by design
   Containers run off-network from corporate systems: ransomware or phishing can’t jump across.
   
2. Zero installation, no endpoint compromise
   Users work entirely in-browser; no agent could be exploited.
   
3. Disposable sessions
   Each workspace is ephemeral and destroyed immediately when done.
   
4. Policy-based DLP
   IT controls what data can move into/out of the workspace: download rules, clipboard restrictions, and safe browsing.
   
5. Scalable, dev-ops ready
   Kasm runs on Docker hosts controlled by tools like Terraform and Ansible, enabling automated security updates and enterprise-grade compliance management.
   
   

Kasm is a strategic tool for data protection in high-risk, high-stakes environments.

A stronger strategy to avoid becoming the next headline

The Manpower breach demonstrates how a single successful ransomware incursion can cascade into massive PII exposure and terrifying fallout. But it also shows a clear path forward: zero-trust isolation, container-based session control, and robust breach prevention.

Kasm isn’t a silver bullet, but it’s the kind of architectural jump that staffing and consulting firms need to prioritize:

• Protect client data with disposable secure desktops.
  
• Stop lateral movement on endpoints before malware or ransomware can spread.
  
• Take control of data flow with granular, enforceable policies.
  
• Gain visibility and auditability with centralized session logging.
  
  

If you’re ready to move beyond reactive “detect-and-respond” and truly safeguard your core asset (client trust and personal data), Kasm offers the next level of proactive defense. It’s time to future-proof your firm against breaches.

‍

Interested in seeing how this works live and what it looks like in your environment? Reach out to explore a Kasm demo tailored for staffing and consulting teams. 

Because in the next breach scenario, you want your firm to be the one they can’t hack.