Share this
How to Securely Work with Contractors
by Constantin Jacob on Feb 28, 2024 10:00:00 AM
Bringing on a contractor or vendor with a laser focus on a single task can be a massive productivity gain and might be able to resolve a ratking of problems all at once. But as contractors have significantly fewer ties to the company and the overall mission, they are a security and privacy liability.
Limiting outside access to business systems
Maybe you have partnerships which include providing a service in the name of your partners without exposing that it is indeed your technology powering the service after all. Or the data existing within your systems requires very careful handling. Regardless of the constraints at hand, your operational goals are at odds. The contractor is meant to be a mercenary, hired to do a specific job without personal ties.
How do we ensure maximum operational security without reducing the efficiency of our contractors (that we're paying a premium for)? By attempting to clearly separate the systems the contractor may interact with.
The contractor should be granted access on a need to know basis. Ideally, this should also be applied to institutional knowledge. The latter point will require a bit of training of your staff generally, but can be achieved over time. The educational effort to get better at all aspects of operational security should always be encouraged, but respectful callouts on-the-spot of wrong conduct should also be encouraged in all directions, up and down the company hierarchy.
Ensuring control while working with contractors
Another key issue at hand: Compliance, bring-your-own-device (BYOD), and cost.
At DNSFilter, the goal is to ensure maximum efficiency and the least amount of hoops to jump through, while still maintaining control. It is human-nature to look for shortcuts, so be sure not to create obstacles with difficult software platforms or hoops to jump through that might encourage someone to cut corners. Instead, opt for established, understandable and reliable technology.
We managed to align some of these problems by providing all employees & contractors with a Pro license to one of our products, Guardian Firewall + VPN. Installation and operation is meant to be very easy, but it is also simple to remove once the contract runs out. Everything the app does is included within the bundle itself so once the VPN connection is disabled, the app can be easily deleted and we can ensure that we are not permanently changing our contractor's device.
We may want to work with certain contractors again in the future, so it is important to be aware that the device that they're using is not ours. Being respectful is a core part of our daily operations.
Guardian runs seamlessly in the background and can be configured to ensure that all DNS queries are running through our own filtering platform. Thus ensuring a whole category of problems can be eliminated all at once.
Try Guardian for yourself to see how easy it can be to protect your business information and limit contractor access.
Share this

Managing endpoint security across an organization—whether as an MSP overseeing multiple customers or an admin overseeing a tech stack—should be simple, efficient, and effective. That’s why we’re excited to introduce a revamped Roaming Client management experience, designed to provide greater confidence and ease in managing your fleet of DNSFilter Roaming Clients.

Why DNS Security Matters for ISO 27001 Certification
DNS security is more than just a technical concern—it’s a pillar of ISO 27001 compliance. As businesses work to protect sensitive data, secure network infrastructure, and meet regulatory requirements, DNS security solutions play a critical role in achieving ISO 27001 certification and ensuring compliance with evolving security standards.

The Old-School Operations Role: Backbone or Bottleneck?
In the early days of IT, the operations team was the unsung hero—the silent, and often siloed, force that kept everything running. They were responsible for the infrastructure: Servers, databases, and networks that powered the business. They managed deployments, monitored systems, and ensured uptime. If it was working, no one noticed them. If it wasn't? Well, then the questions started: "Wha...