I'm having a developer work on a modification for me, and my concern is that there is no way for me to really know if they are adding or doing anything malicious to the site. For example, what if they were to add something to send client's credit card info to them, or what if they create a security hole?
When outsourcing are there any tips of things that you should not give anyone else access to? Like direct DB login, full ftp access, etc...?



