Source Code - Holy Grail of Data Protection

Source Code - Holy Grail of Data Protection

CISOs and CTOs have almost given up on the idea that protecting the company crown jewels - source code - is possible. Legacy data protection solutions encumbered developers to the point developers refused to work. Developers are the most demanding employees asking for more freedom to work in the way they want. The software development workflow is also very complex. Code lives in multiple online repositories that are both public and private. Developers clone code to their local machines. Source code data exists everywhere. How do you protect data that is stored and used in so many places?

Traditional protection software like Information Rights Management (IRM) and Data Loss Prevention (DLP) may work for office productivity files. But there is no application integration with Integrated Development Environment (IDE) tools such as Xcode and Virtual Studio. Classification fingerprints used by DLP are very fragile, and even the smallest change results in files not being appropriately classified.

Many organizations try to contain source code by deploying virtual desktop infrastructure (VDI) to developers. Developers work in a VDI environment that never allows data to leave. These environments are incredibly costly, impact developer performance, as well as increase operational management. Developers complain VDI restricts their ability to work quickly.

Read: How a Cyber Security Company (CSC) replaced VDI with SecureCircle.

SecureCircle's Data Access Security Broker (DASB) provides an alternative to IRM, DLP, and VDI that doesn't impact the developers while retaining control of source code at all times. Let's walk through a simple workflow and how DASB protects source code.

  • A developer clones a project from the company GitHub repository to her local machine. DASB has a policy to automatically protect any data downloaded from the repo to a local computer. The entire project is protected.
  • As she updates her project, MagicDerivative automatically protects all changes. MagicDerivative protects content as it moves from file or application even with copy-in-paste or SaveAs.
  • The developer can use any allowed IDE or application to edit source code. SecureCircle monitors the applications that attempt to access protected data. If the user, device, and application are permitted, the developer accesses the content as if no protection was in place. 
  • Protection is persistent, so even if the developer copies all the data to a USB or AWS and gives access to a friend, the friend will not be able to access any of the protected data. 
  • DASB's data-centric approach allows access control to follow data regardless of location.

With SecureCircle, CISOs and CTOs finally have a solution to protect core company assets such as source code without impacting developers.

Additional source code related articles

Securing Source Code & Intellectual Property While Working from Home

AWS Source Code Leak

Source Code - Holy Grail of Data Protection