Matt Lee, Chief Delivery Officer at Amdaris discusses how security vetted teams are crucial to ensuring tech excellence
The notion of vetting often triggers thoughts of getting tapped on the shoulder by the secret service and undergoing extensive training and background checks before enrolling as an agent. Of course, to the everyday employee, these remain as hypothetical thoughts, not real-life events.
But while we won’t be putting on our tux and undergoing secret missions any time soon, the vetting process shares universal concepts between industries that require it. As MI5 themselves define, “Vetting is the process to identify and manage any risks that could make our secrets vulnerable, and it takes place to help keep you and our organisations safe.”
Tech employees working at MI5 will have to undergo similar checks to people working in government, defence, and aerospace sectors. These sectors require top-notch cybersecurity systems and software, and tech innovation and excellence is a cornerstone of their success and integrity.
Yet adopting new technologies and maintaining existing systems requires using software teams who can be trusted and can ensure that highly sensitive data is kept secure. It is only with this foundation that innovation can thrive – and this is why these companies need to form or harness security vetted teams.
But what are security vetted teams? And how can they drive tech excellence?
What are security vetted teams?
A security vetted team is a group of individuals who have each undergone vetting processes, passed thorough background checks and achieved security clearances such as BPSS and SC. They are built to assist companies with their secure software development needs and offer a way for them to leverage security-cleared personnel, such as developers, testers and engineers, to work on projects without needing to hire and vet permanent employees.
Once enlisted, they can either act as an ongoing extension of their team, or function as an independent resource used as and when needed.
Who are they for?
Security vetted teams are particularly suited to those businesses who are looking to expand their in-house teams but are also facing recruitment issues.
In an environment already grappling with a well-publicised skills shortage, “closed-door” organisations face an added dilemma. Since COVID, software developers’ working expectations have changed; they often work remotely or expect flexible work options. Yet remote working also makes maintaining data security – preventing any damaging leaks and breaches – and onboarding teams that much harder.
This is why security vetted teams present such an attractive option to these organisations. They offer the sweet spot between providing enough flexibility to attract talent but also ensuring employees are vetted and information is secure.
Onboarding is managed by the team and, rather than having a number of individual employees, team members are selected to work effectively as a unit and complement the client’s team.
Moreover, in such a tough hiring environment, they help avoid the costs of recruitment and replacement and therefore free up more budget to invest into the project(s). Where there is a need to replace an individual the team provides an ecosystem to minimise risks to the client.
And they’re not just for organisations with recruitment challenges, but also for those who may be requiring a boost to the pace of their project or looking to embed more skills and expertise into their workflows without taking on full-time employees.
How do they drive tech excellence?
A software outsourcing partner can provide these teams, taking on the responsibility of vetting staff and conducting background checks. It can attract highly-skilled talent by being able to offer cultural and career perks that individually cater towards their interests. And not only can it attract this talent, but it can form a team of vetted employees who are also able to work on completely separate activities and pick up different skills (without sharing any private project details).
This flow of knowledge transfer can be very beneficial to closed-door companies: as sectors that are relatively cut off from the rest of the tech world, this offers a clear path to allowing innovation to stream into the company without compromising any security protocols. The extended security vetted team has a cocktail of skillsets which can be mixed and matched to each project they are best suited to. This all means companies are kept in the loop with the latest thinking, methods and technologies, allowing them to drive tech excellence.
Knowledge transfer also acts as a buffer against team members leaving as it minimises the risks of ‘knowledge loss’. This is why it is so important to look for outsourcers who place an importance on this way of working.
How do you ensure tech excellence when external staff are not allowed to see the work undertaken? A benefit of a Security Vetted Team is that the team can include a tech lead that can undertake reviews of other team members’ work. This means that the client doesn’t need to undertake validation – as they would if they employed independent contractors. In addition, external validation checks can then be put in place to ensure that the right processes have been adhered to without exposing the specifics of the project.
An outsourcer also offers the opportuning for training, where team members can ask for guidance from the wider tech community within the outsourcer without compromising security or secrets.
All of this is not to detract from recruiting in-house talent. If companies have the means to do so, or their business needs demand it, this of course has its benefits: they can keep a lid on all their data in house and cultivate a deep understanding of their technology and processes within their internal team. Yet this can also limit their exposure to top talent and tech advancements, especially in a market where software developers come at a premium. The decision comes down to a business’s requirements (and budget).
Secret and secure innovation
Security vetted teams give companies access to vetted software personnel to work on their projects without having to go round tapping people on the shoulder or (as in the more ‘real’ world) conduct extensive hiring processes. They can onboard employees quicker, access more skills, benefit from knowledge transfer and incorporate new innovations into their systems without compromising security and data.
The organisations who need security vetted teams are usually the ones whose sectors need them to be at the forefront of industry innovation – but the secrecy of their work can limit their ability to do so. With an outsourced pool of security-cleared software developers ready to work when required, they can deliver secret and secure innovation and ultimately allow tech excellence to thrive.
Author: Matt Lee, Chief Delivery Officer at Amdaris