Yes, there are NDAs and legal agreements to discourage rogue employees from sharing source code in the public.<p>However, do they have specific processes to ensure that employees don't have full source code on their machines / laptops ?<p>I have read that some companies like Facebook and Google don't allow employees to check out code on their laptops. Code is checked out on developer servers and employees connect to these to work.<p>We need a similar setup in our company, and are looking for pointers to how we could build one.<p>Are there are any products or open-source projects which help in this ?
No, your source code is not a "crown jewel" or a "trade secret". Without people, infrastructure, environments, and keys, it's just a load of text files.<p>This is a myth propagated by engineers who overvalue their work.<p>Also, Google only has 1 REPO, which everyone in the company has access to. <a href="http://www.wired.com/2015/09/google-2-billion-lines-codeand-one-place/" rel="nofollow">http://www.wired.com/2015/09/google-2-billion-lines-codeand-...</a><p>I love this response as well:
"Assuming you are using Git, that means every developer you employ is running around with a complete repository history of your source code on their laptop. They probably also have internal documents regarding design, product management, etc. Many of them probably use a cloud backup service like Mozy/Dropbox etc. I don't think Github is the weakest link in this chain. That aside, source code is typically far from your most valuable asset, especially if you're a SaaS offering like many startups. What could a competitor do with your code, absent your people and your branding? Even if it were, Github would probably be the least of your security concerns."<p><a href="https://www.quora.com/Do-any-startups-use-GitHub-as-a-repository-for-their-private-proprietary-code/answer/Joseph-Ruscio?srid=8yD&share=1" rel="nofollow">https://www.quora.com/Do-any-startups-use-GitHub-as-a-reposi...</a>