Thanks, Kevin

DLP is being "considered"

ASB
http://XeeMe.com/AndrewBaker
Providing Virtual CIO Services (IT Operations & Information Security) for the SMB market…
GPG: 1AF3 EEC3 7C3C E88E B0EF 4319 8F28 A483 A182 EF3A

On Thu, Dec 17, 2015 at 12:59 PM, Kevin Lundy <[email protected]> wrote:

> I've done some of what Michael said.
> To be more secure you would also need to either block internet or use some sort of DLP. Or both.
>
> We put tiny lockers outside of our software lab for the electronics.
>
> On Thu, Dec 17, 2015 at 12:49 PM, Michael B. Smith <[email protected]> wrote:
>
>> If you have a particular dev you don’t trust, fire him/her.
>>
>> You could up the ante with MFA beyond 2FA. Require a second party to participate in providing a key to unlock the repository.
>>
>> And, presuming we are referring to Windows, ensure that you are using GPOs that prevent the use of any USB devices.
>>
>> Hand in all electronic devices at the door. Most will learn fairly quickly to leave them in their car or at home.
>>
>> I’ve seen the first two used at “big money” companies. The last at military installations.
>>
>> *From:* [email protected] [mailto:[email protected]] *On Behalf Of* Andrew S. Baker
>> *Sent:* Thursday, December 17, 2015 11:03 AM
>> *Subject:* [NTSysADM] Protecting Sensitive Source Code
>>
>> Good morning:
>>
>> Does anyone happen to have any experience with the protection of sensitive source code?
>>
>> Essentially, we're looking to ensure that we can adequately mitigate the risk of critical portions of the code being copied and used inappropriately.
>>
>> This is beyond any protections (real or imagined) offered by the following, which we have in place today:
>>
>> -- An NDA
>> -- Restricted access to the source code repository, on a need to know basis
>> -- Two-factor authentication to access the repository (being considered)
>>
>> An air-gapped network is not currently on the table for discussion. :)
>>
>> Regards,
>>
>> ASB
>> http://XeeMe.com/AndrewBaker
>> Providing Virtual CIO Services (IT Operations & Information Security) for the SMB market…
>> GPG: 1AF3 EEC3 7C3C E88E B0EF 4319 8F28 A483 A182 EF3A
