The document outlines 6 steps for securing offshore development: 1) Limit access and implement least privilege by defining roles and access controls. 2) Ensure physical security of offshore premises and secure data backups. 3) Implement VPN and firewalls when exposing systems to the internet and monitor for intrusions. 4) Develop comprehensive security policies and procedures and conduct audits. 5) Train developers in secure coding and integrate security tools. 6) Conduct background checks on offshore employees and educate on security awareness. The document emphasizes that perfect security is not possible and a risk-based approach balancing security and tradeoffs is needed.