Protecting source code from theft during development

halfbit picture halfbit · Oct 29, 2010 · Viewed 9.7k times · Source

Is there any way to protect my code during development so that if a developer leaves my company they are unable to access files in my project?

This is especially important with TFS where the project is downloaded locally, cached, and available for offline use. Ideally the code would be unreadable if they did not have a valid Active Directory user ID.

Even if this idea is not possible, I'd like to learn of any practical deterrent you can think of...

Answer

David Thornley picture David Thornley · Oct 29, 2010

You have to extend some form of trust to your developers. If you can't trust them not to take source code with them, how can you trust them not to build back doors and the like into your systems?

Moreover, if they're going to work on code, they're going to need access to it, and if they get access to it they can almost certainly copy it. You can try to limit it, but it's you trying to outthink in advance a group of people who only need to find one mistake you made. Besides, overtly distrusting your developers isn't going to help you anyway.

Are there actual trade secrets built into your code? If so, you might want to rethink that. If not, how much harm will it do in somebody else's possession? They can't legally use it, and the developers that leave will often be able to write something similar anyway.

For this, you want legal protection, not technical.