Your version control system holds your organization’s most valuable assets: Source code, designs, artwork, media, business documents, and more. A multi-tiered approach to security is crucial to protect this intellectual property (IP).

1Require User AuthenticationThe first level of any IP security strategy is to verify that users are who they say they are. Integrate authentication with enterprise AD/LDAP services. Use multi-factor authentication, if possible.
2Manage User AuthenticationControl who is allowed to do what, where, and when. Don’t give everyone full access to all files — this creates risks and too much noise. Use groups to simplify management.
3Establish
File-Level Protection		Manage who is allowed to change specific file types — e.g., developers can update source code but not released executables. Some tools (e.g., Git) provide access to the entire repo. In such cases, carefully split up repos but beware of the problems this may cause.
4Protect Branches
and Streams		Manage who is allowed to change what in development versus release branches or streams — just as you would to protect file types. Production, operations, and development streams usually need different access rights.
5Assess EncryptionConsider the need to encrypt files at rest (i.e., while in the repository) and in transit (i.e., when moving files between the user’s desktop and the master repo).
6Record ActivityEnsure that your version control tool keeps an immutable history of changes. Such records enable developers to see what happened in the past and help you meet regulatory requirements.
7Detect Insider ThreatsUse your audit trails to spot risky behavior. Audit logs tend to be big, so use a tool that includes behavioral analytics to weed out the noise and flag only real risks.
8Keep Everything TogetherThe more stores or repositories are in use, the harder it is to manage security. Aim to put all assets — source code, documents and built executables — in a single repository.



Take Security and Compliance to the Next Level

Helix Core is an enterprise-class version control platform that uses a multi-faceted approach to security and compliance. Download this white paper to learn how Helix Core uses secure replication, access control, and traceability to protect digital assets.

Download White Paper
Author-Chuck-Gehman

Chuck Gehman

Technical Marketing Engineer, Perforce Software

Charles “Chuck” Gehman was a Technical Marketing Engineer at Perforce. Throughout his career, he worked as a CTO, architect, developer, and product leader in industry-leading startups and large enterprises. Chuck was a member of the IEEE for 20 years, and an AWS Certified Solution Architect and Certified Developer-Associate. In his spare time, Chuck loved being with his family, doing CrossFit, volunteering for technology education initiatives, attending Meetups, and writing. His expertise and laugh will be missed.