How to Securely Work with Contractors

Listen to this article instead
3:06


Bringing on a contractor or vendor with a laser focus on a single task can be a massive productivity gain and might be able to resolve a ratking of problems all at once. But as contractors have significantly fewer ties to the company and the overall mission, they are a security and privacy liability.

Limiting outside access to business systems

Maybe you have partnerships which include providing a service in the name of your partners without exposing that it is indeed your technology powering the service after all. Or the data existing within your systems requires very careful handling. Regardless of the constraints at hand, your operational goals are at odds. The contractor is meant to be a mercenary, hired to do a specific job without personal ties. 

How do we ensure maximum operational security without reducing the efficiency of our contractors (that we're paying a premium for)? By attempting to clearly separate the systems the contractor may interact with. 

The contractor should be granted access on a need to know basis. Ideally, this should also be applied to institutional knowledge. The latter point will require a bit of training of your staff generally, but can be achieved over time. The educational effort to get better at all aspects of operational security should always be encouraged, but respectful callouts on-the-spot of wrong conduct should also be encouraged in all directions, up and down the company hierarchy.

Ensuring control while working with contractors

Another key issue at hand: Compliance, bring-your-own-device (BYOD), and cost. 

At DNSFilter, the goal is to ensure maximum efficiency and the least amount of hoops to jump through, while still maintaining control. It is human-nature to look for shortcuts, so be sure not to create obstacles with difficult software platforms or hoops to jump through that might encourage someone to cut corners. Instead, opt for established, understandable and reliable technology.

We managed to align some of these problems by providing all employees & contractors with a Pro license to one of our products, Guardian Firewall + VPN. Installation and operation is meant to be very easy, but it is also simple to remove once the contract runs out. Everything the app does is included within the bundle itself so once the VPN connection is disabled, the app can be easily deleted and we can ensure that we are not permanently changing our contractor's device.

We may want to work with certain contractors again in the future, so it is important to be aware that the device that they're using is not ours. Being respectful is a core part of our daily operations.

Guardian runs seamlessly in the background and can be configured to ensure that all DNS queries are running through our own filtering platform. Thus ensuring a whole category of problems can be eliminated all at once.

Try Guardian for yourself to see how easy it can be to protect your business information and limit contractor access.

Search
  • There are no suggestions because the search field is empty.
Latest posts
How DNSFilter Stops Zero-Day Attacks: The Invisible Threat Costing Businesses Millions How DNSFilter Stops Zero-Day Attacks: The Invisible Threat Costing Businesses Millions

Imagine waking up to find your company's most sensitive data exposed, your systems locked, and your reputation in tatters. This nightmare scenario isn't just a hypothetical—it's the reality for businesses falling victim to zero-day attacks. In 2021, four zero-day exploits targeting Microsoft Exchange servers affected over 250,000 organizations worldwide, leaving countless systems vulnerable to data theft and ransomware.

How DNS Filtering Stops Ransomware How DNS Filtering Stops Ransomware

Ransomware attacks have evolved into one of the most pressing cybersecurity challenges of our time. In these attacks, cybercriminals infiltrate an organization’s network, encrypt critical data, and demand payment—often in cryptocurrency—in exchange for the decryption key. As the frequency of these incidents grows, so do their financial and reputational impacts. From small-to-medium-sized businesses (SMBs) to global enterprises, no one is immune...

Machine-Scale Problem, Meet Human-Scale Solution Machine-Scale Problem, Meet Human-Scale Solution

Greetings fellow humans! It is now 2025 and while we still don’t have flying cars, we do have self-driving cars—that has got to count for something. Some 2.6 million years ago humans began using tools. Today is a different day because, while we are still using machines as tools, machines have surpassed human ability on three important dimensions: The ability to observe change beyond what is humanly possible, efficacy beyond what is humanly possib...

Explore More Content

Ready to brush up on something new? We've got even more for you to discover.