How to Securely Involve Freelancers in the Development of Your Application

When Bruce Lee pronounced the timeless quote "Be water, my friend", he probably did not have in mind "being water" as staffing freelancers on your team. However, a liquid workforce is what companies use today to become resilient to changes in skill needs and market pressure.

In this article, we explain how to staff a liquid workforce quickly and economically as well as protect your assets.

Develop With Outsiders Without Sharing Your Source Code

If you mention on your LinkedIn profile that you are looking for external developers, chances are that you will soon be contacted several times a week with offers from talent around the world.

If you are looking actively, you might have decided to work with outsourcing services in Poland or other places to get access to entire teams and quickly scale up your skill set.

In both cases, while involving external developers for variable periods of time in your team has clear technical and economic benefits, you might also expose your business to intellectual property losses in the form of source code or customer data leaks.

For young and innovative companies, source code and data can be the crux of their intellectual property. Hence, the failure to keep tight control on who had access to what can impact them when seeking growth capital or might even result in the appearance of copycats in remote regions.

For mature ones, access to internal or customer-facing applications is a trove for malicious actors looking for code vulnerabilities or opportunities to plant Trojan horses. Once such a flaw is successfully exploited, the company is one step away from the headlines. Recently Microsoft (through SolarWinds), Twitch, Stormshield, Electronic Arts and others had customer data leaked or their systems breached after their source code was exposed. In addition, employees now appear to be mishandling their company's source code increasingly often, according to this Financial Times article, also relayed by Business Insider.

Infamous recent source code leaks that led to customer data access and system breaches.

In the article The Trusted Liquid Workforce, we explained the necessity for companies to involve outsiders in their development process in a secure manner, i.e. one that minimizes the chances for their source code or data to be leaked, analyzed, or becoming available on the dark web.

In this article, we'll give a quick recipe to onboard such a trusted workforce economically using our software-as-a-service platform. Note that this is not a user manual. You can find contextual help as tutorials and videos once inside our Strong Network platform. Our goal here is to give you a feel of what the platform can offer.

Create a Strong Network of Coders

Our public SaaS platform, called Strong Workspace, allows you to onboard and manage your liquid workforce in a secure manner.

Here is how you can do it in just three steps:

The first step is to create an account and set up your team composition. You will send invitations to freelancers from this account and make available resources for them so that they can start working quickly.

Step 1: Create your account and send invitations to your team to join the platform

There are three plans for the account to choose from:

A Starter plan lets you give any developer secured access to your code base, brokered by the platform, through a workspace, which is in essence a development IDE with a command line interface (CLI). I'll go into security in more detail later, but the measures in this plan essentially prevent freelancers from downloading your entire code base.

The Advanced plan provides in addition data loss prevention. This will prevent a careless or malicious developer from exfiltrating your code once she has access to it in the workspace. You also get a real-time security log about the activity of all participants in your development process.

Finally, the Professional plan gives you access to dashboards to visualize the performance of your team, such as attendance, the type of work done, etc. In addition, you'll be able to bring your own software containers to configure workspaces.

With all plans, the platform allows you to involve any number of freelancers on the same public resources as your internal developers, e.g. git repos and data buckets, with the distinction that access to these resources will be brokered for security purposes through the platform, as shown in this figure.

Freelancers get secured access to your resources through the platform (represented by the brain logo), unlike internal developers who have direct access. Both types of access cohabit seamlessly.

Now that your account is ready, you can invite your liquid team. This can be done directly from the sign-up flow after the account plan has been purchased or once on the platform via the People dashboard.

The People dashboard lets you send invitations to team members and visualize member locations.

Team members will get an invitation to join your project by email. You get to pick the role they will play in your project, which is a way to give them different sets of permissions, e.g. to access dashboards, security logs, etc. Typically, developers have the smallest set of permissions, while managers can create workspaces, access metrics, and onboard new users.

In your team, you will typically need a project manager, tech leads and developers. You can invite any user for free and will only pay for workspaces used by developers. Buying workspaces is very much like buying development machines for your team.

Note that initially an account only provides a single workspace, which allows you to equip a single developer. You can add a new workspace to your account at any time, for example, when you or a manager simply creates a new one (I'll show that next).

Managing Your Liquid Resources

Once you are on the platform, the second step consists of associating the resources that you need for your liquid team and providing access. By creating and giving access to workspaces, you provide each developer with a fully installed environment composed of an IDE, e.g. Visual Studio Code, and a software stack defined as a Docker container. This means that developers don't have to install anything on their laptops and can start working immediately.

This is very much like providing any developer with a development machine. Workspaces can be started automatically following a personal schedule that users define in their settings. This is in contrast to what GitHub's Codespaces does, i.e. providing ephemeral workspaces that deploy as quickly as possible. Our goal is not to compete with GitHub's solution in terms of access speed (ours deploys in a minute or so). Instead, we want to be multi-cloud, with a particular focus on security, to ensure you can effectively manage a secure liquid workforce. That's why our platform is the first-ever engineered Secure Cloud Development Environment.

The first screen of the workspace creation wizard lets you choose an IDE, software (via a container), and an owner for that workspace.

The second screen of the workspace creation wizard lets you associate selected resources such as GitHub, GitLab, Secrets, Connected Services and a Script (see below).

To enable access to an entire git application, the manager who creates a workspace checks the option to use a personal key.

To install the workspaces with software, all plans give you access to a series of "themed containers", e.g. Python, Go, etc., that can be further customized with a start-up script. With the Enterprise plan, you can provide your own containers that perfectly fit any project's requirements.

Workspaces have a startup script so that containers can be customized.

Provide Access to Code and More

It is through workspaces that you can provide access to your repositories, data buckets and secrets (tokens, credentials, etc.) individually to each user. Any such resource can be managed in a granular manner by importing or creating them one by one on the platform.

Step 2: Create fully-installed workspaces and provide access to your resources through them.

For example, you can provide access to a single project repository from your GitHub or GitLab application. Access keys (which authenticate the developer to the application) are fully managed for you, so that once inside the workspace, code can be readily pushed to the repository without any credential configuration. We call these keys project keys.

A project key provides access to a single project repository in a git application.