11/9/2023

Goodsync centos7

So how can they create a simple, easy-to-manage but secure system for multiple developers?

Firstly, you need to weigh up the cost/benefit of what you're trying to achieve. Generally, preventing code theft by developers is a very steep uphill battle, but fortunately I don't think it's a very common problem. I can't think of many prominent examples of code theft except in some cases where very specific proprietary algorithms are involved, or perhaps an employee jumping ship to a client and taking their code with them.

In terms of physically restricting access to code, really the only viable way is to restrict access to repositories. Even then, that will only be significantly effective if your application architecture is such that entire components can be operated as separate services and high-risk employees can work on low-risk components which might interact with the high-risk components as a "black box" without having to give them access to the code.

It sounds like a high-risk employee jumping ship with the project they're working on is your biggest threat, and fundamentally they need access to that code to do their job, so there's not much you can do about that. The threat of legal action or damage to their professional reputation usually provides enough incentive for developers to do the right thing. Pursuing these controls is probably a more practical approach. Endeavouring to hire trustworthy employees should also be obvious.

With regard to your deployment process specifically, it's pretty bad from both a security and operational standpoint. It seems you're without any form of version control, and I'd be shocked if you weren't frequently overwriting each other's changes accidentally and trying to figure out who changed what without any way to know for sure.