These days, the chances are you are using contractor staff to flex the workforce, work on specific assignments and keep the permanent employee headcount down. It’s now part and parcel in the business world. Contractors and temporary workers play a valuable role in helping organisations to operate, solve short term resource issues or provide expert skills for a finite time, but without long term commitments. Furthermore, their availability and ability to hit the ground running means they are often recruited quickly to fulfil an urgent need for the business.
This is all great news – both for maintaining business as usual and for delivering projects that require specialist skills. But there are serious implications in terms of information security risk.
So what steps can organisations take to ensure best practice around the security and risk management of contractors? A first step is verifying a person’s identity. Checking the authenticity of their identity documents should be a critical part of the recruitment process for contractors. When it comes to on-boarding contract staff, employers also need to ensure that the process is not overlooked and reserved only for permanent workers.
Furthermore, every business that has screened and on-boarded its contractors and temporary workers should think carefully about the systems and devices it has given them access to and what they can do with this access. In many organisations, contractors are given the same access rights as permanent employees, but without a granular review of the systems and applications they need to access to do the job they have been hired to do. Sadly, it is also not uncommon to discover that contractors may continue to have access to certain systems or portals even after their contracted period lapses!
If this scenario seems familiar to your organisation and you are unaware of your current security vulnerabilities as a result of hiring more contractors in recent years, it would be prudent to identify any vulnerabilities and a more strategic approach to solving these challenges through a risk assessment. This should help you better understand your current security situation and guide you towards bolstering your cybersecurity defences more effectively.
The world of work will look very different in just a handful of years and we’ll see a significant move towards an on-demand workforce, with organisations plugging into networks of staff on tap. Click here to find out more about addressing contractor security and how NTT Security can work with you to address the associated business and security challenges.