Past, Present(s), and Future: DNSFilter's 2024 Recap + 2025 Roadmap

WATCH NOW
    free trial
    Book a Demo

    How to Securely Work with Contractors

    by Constantin Jacob on Feb 28, 2024 10:00:00 AM

    Listen to this article instead
    3:06


    Bringing on a contractor or vendor with a laser focus on a single task can be a massive productivity gain and might be able to resolve a ratking of problems all at once. But as contractors have significantly fewer ties to the company and the overall mission, they are a security and privacy liability.

    Limiting outside access to business systems

    Maybe you have partnerships which include providing a service in the name of your partners without exposing that it is indeed your technology powering the service after all. Or the data existing within your systems requires very careful handling. Regardless of the constraints at hand, your operational goals are at odds. The contractor is meant to be a mercenary, hired to do a specific job without personal ties. 

    How do we ensure maximum operational security without reducing the efficiency of our contractors (that we're paying a premium for)? By attempting to clearly separate the systems the contractor may interact with. 

    The contractor should be granted access on a need to know basis. Ideally, this should also be applied to institutional knowledge. The latter point will require a bit of training of your staff generally, but can be achieved over time. The educational effort to get better at all aspects of operational security should always be encouraged, but respectful callouts on-the-spot of wrong conduct should also be encouraged in all directions, up and down the company hierarchy.

    Ensuring control while working with contractors

    Another key issue at hand: Compliance, bring-your-own-device (BYOD), and cost. 

    At DNSFilter, the goal is to ensure maximum efficiency and the least amount of hoops to jump through, while still maintaining control. It is human-nature to look for shortcuts, so be sure not to create obstacles with difficult software platforms or hoops to jump through that might encourage someone to cut corners. Instead, opt for established, understandable and reliable technology.

    We managed to align some of these problems by providing all employees & contractors with a Pro license to one of our products, Guardian Firewall + VPN. Installation and operation is meant to be very easy, but it is also simple to remove once the contract runs out. Everything the app does is included within the bundle itself so once the VPN connection is disabled, the app can be easily deleted and we can ensure that we are not permanently changing our contractor's device.

    We may want to work with certain contractors again in the future, so it is important to be aware that the device that they're using is not ours. Being respectful is a core part of our daily operations.

    Guardian runs seamlessly in the background and can be configured to ensure that all DNS queries are running through our own filtering platform. Thus ensuring a whole category of problems can be eliminated all at once.

    Try Guardian for yourself to see how easy it can be to protect your business information and limit contractor access.
    Topics: Featured IT IT Challenges
    Search
    • There are no suggestions because the search field is empty.
    Categories

    Categories

    See all
    Latest posts
    2025 Cybersecurity Predictions: It’s Not Just AI, Here’s How Cybersecurity Will be Transformed in 2025 2025 Cybersecurity Predictions: It’s Not Just AI, Here’s How Cybersecurity Will be Transformed in 2025

    Earlier this month I joined Mikey Pruitt, our Global Partner Evangelist, on the DNSFilter podcast dnsUNFILTERED to discuss my 2025 cybersecurity predictions. We had a lot of fun and covered all of the points I’ll outline here, but I wanted to go deeper. My 30 years of cybersecurity experience have given me a strong sense of where we’re heading as an industry—the shift to the cloud in many ways is a precursor in the adoption of AI and the future...

    From Reactive to Proactive: How to Create a DNS Security Strategy that Stops Attacks From Reactive to Proactive: How to Create a DNS Security Strategy that Stops Attacks

    Most businesses only think about DNS security after an attack has already occurred. By then, the damage is done - downtime, lost revenue, compromised data, and a tarnished reputation. In an environment where cyber threats are constantly evolving, a reactive approach to DNS security simply isn’t enough.

    How MSPs Can Enhance Customer Experience with Technology How MSPs Can Enhance Customer Experience with Technology

    Customer experience is the secret sauce that sets successful Managed Service Providers (MSPs) apart from the rest. In a market teeming with competition, you need to offer more than the best technology or the lowest prices. It's about how clients feel when they interact with your services. A stellar customer experience can transform a one-time client into a loyal advocate, while a poor one can send them running to your competitors. According to a ...

    Explore More Content

    Ready to brush up on something new? We've got even more for you to discover.
    WhitePapers
    WhitePapers
     Webinars
    Webinars
     Case Studies
    Case Studies
     Product Literature
    Product Literature