Say you are making some kind of online product(SaaS) and you get it off the ground by yourself, but now need to start hiring more people for the increased workload. How would you protect your IP(source code) if you would be fully distributed/WFH team?<p>I think signing some kind of NDA and non-compete would make sense but still, is that all there is to protect yourself from employee just sharing your source code or inner-workings of the system and whatnot with the world or competitors? I doubt that your employee from New Zealand will care much about your product/company in UK, for example, anyway. So the legality has little enforcing strength to begin with.
Depends on the product. a food delivery app or one that deals with taxes in the UK, maybe not, but a SaaS platform to serve AWS users, I'd imagine users in Australia could make just as much use of that as in the UK, and Stripe makes it easy to accept payments from there.<p>Unless you're pulling an unscrupulous rando of fiver, it's better to presume that your employee is a professional and won't do that, rather than burn a large amount of resources protecting your source code. What could I actually do as a programmer with, say, a copy of the Photoshop source code?<p>if your SaaS app is, say, some intricate detail in the UK VAT system, how much could the code even be worth to someone in Australia? even if they did steal your code, do you have the energy to make an Australian subsidiary and pursue that? the opportunity cost would be high.<p>for that matter, if you're going to go down the route of not trusting your employees just to make sure no one wants to work for you even more, are you gonna drug test them as well? pay them what they're worth and treat them well, and they won't try and steal from you.<p>a standard employment contract should cover "don't steal our source code" without going to the lengths of being an NDA. that's not to say NDAs aren't used in the industry though. For what it’s worth, noncompete aren’t enforceable in California and that hasn’t seemed to stop its tech industry one bit.
If your source code is really that important (if, say, it’s a trading strategy, or will run a nuclear submarine), then you insist that people work five days a week from the office, using desktops (not laptops), make them drop off personal devices as they enter the office, and give them extra time off for doctors appointments, train strikes, etc. I once interviewed at a place that did this, as a competitor had previously tried to steal their code.<p>Otherwise, don’t worry about it.
If your business can be "stolen" by recreating the code, then I think you need a better moat. We live in an AI age, even if someone doesn't have your code it's probably piss-easy to generate similar functionality.<p>Being restrictive and paranoid towards your future hires is only going to guarantee that desperate employees work for you. Well-tenured industry veterans aren't even going to sit through the entire interview if you make them sign a non-compete.
Split it into modules and don't share the most important ones initially. Eg get them to do the infra at first, then user auth stuff, etc. Save your actual business logic for when you know and trust them more.<p>Ultimately your brand will be the most valuable thing, but if you don't have an established one I think it's fair enough to take precautions with someone you've never met and in a different jurisdiction.<p>I would expect a 'professional' to understand.