My company has been working with a group of developers from the Ukraine for several years. We receive excellent service at a great rate but the downside to this is the company has been flagged by several different RBL's for virus activity over the years. They immediately fix the issue and are removed from the RBL but it does seem they cant control the activity on their network.
To date, all worked performed by this group has been done outside of our production environment on platforms such as Azure. The problem is the work is starting to ramp up and we are seeing increased bandwidth costs in our production environment.
Although this next question is against my better judgment, I am being challenged by my senior staff to come up with a solution to allow them access to work in our production environment (instead of azure) to avoid these extra bandwidth charges.
The ideal solution would be to give them access to a virtual machine or some kind of thin client solution via VPN connection and lock them down so hard they would only be able to run programs from the desktop.
Please let me know if you are aware of a lock down solution that can solve this problem.