L
L
lisr252012-12-28 11:36:03
PHP
lisr25, 2012-12-28 11:36:03

Development team expansion. security issue)

Faced with such a situation,
We were developing a cozy project, the team is small. (2 people, working remotely)

The project has grown somewhat and the question arose of expanding the development team.
Now there are fears at heart about providing access to the source code (they will steal, sell, etc.)) The

question may seem funny, but still, what are the ways to be safe? I really want to bypass the rake.

* once again, I will note that we work remotely (it seems to me that when working not remotely, the level of trust increases slightly)

Answer the question

In order to leave comments, you need to log in

8 answer(s)
X
xmoonlight, 2012-12-28
@xmoonlight

The project structure should be scalable and divided into logical blocks - "cubes". Here is one cube - give to one person. Binding cubes - no one! For example: ABC algorithm chain. You keep the "B" cube and give "A" and "C" for development. Next - write more cubes yourself (or authorized persons): "B0" and "B1", get A1-B1-ABC-B2-C1 and then give "A1" and "C1" again for development. Those. blocks "B" are a kind of "glue" that does not allow third-party developers to put the project together piece by piece.

D
DeusModus, 2012-12-28
@DeusModus

Be respectful and select your candidates carefully. I have a bunch of "secret" code in the hands of many large projects and no thoughts of either selling or taking it for myself.

S
Sergey, 2012-12-28
@bondbig

An NDA will suffice. What can be effectively solved by organizational measures should not be complicated by technical tricks.

N
Nikolai Vasilchuk, 2012-12-28
@Anonym

Are you writing a GLONASS satellite control system?

E
egorinsk, 2012-12-28
@egorinsk

There is an opinion that the value of most projects is far from being in the code. So I see a service that I liked, for example, VKontakte, I take N coders, give them TK, and after a while I get a code.
If we are talking about a simpler project based on a cut Drupal / Wordpress / forum / whatever (example: Habr, rutracker, Smashing magazine, Audiotuts), rewriting it is even cheaper and faster.
If someone really wants to copy your service, they can do it without having access to the code.

V
valkiriy, 2012-12-28
@valkiriy

In the world of outsourcing, there are contracts for this. It’s really impossible to control bits, but with a contract, at least you can be held accountable if you prove it.

A
Antares19, 2012-12-28
@Antares19

Usually in such situations, the management still often raises the question of VCS vs DVCS. DVCS is much more convenient, but in the first case, developers' VCS only has some source cuts, and in DVCS, the entire repository with all the history and branches.
Difficult choice :)

V
vsespb, 2012-12-28
@vsespb

In general, it often turns out that the code in general is not as mission critical as it seems. Who needs it and why?
You hire normal developers with experience and a good salary, what scripts, what can they do with this code?

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question