We have all heard about the employee who stole source code and attempted to sell it to a third party. In that case it was an employee, but today, in an increasingly globalized world, the situation has become much more dangerous.
We acquire product development services from third-party entities in Israel and abroad, but cannot directly control them or their employees.
To reach a solution we need to divide the problem into two parts:
- Direct access from a developer’s personal computer to a development environment
- Local admin permissions granted to developers within development environments
The best way to handle the first problem is to compartmentalize the development environment rather than granting developers direct access.
The best way to implement this is to build a VDI environment for developers, offering a remote work environment with all the development tools of the original environment.
The best example of this is Citrix Virtual Desktop technology, which enables the establishment of VDI environments for both Linux and Windows operating systems on VMware, Nutanix, XenServer and KVM, or on cloud providers’ infrastructures (IaaS) such as Azure, IBM, AWS, or Google Cloud.
One of the main advantages of Citrix Virtual Desktop is an excellent user experience over remote lines and internet infrastructures while maintaining high picture quality, even for apps requiring graphics cards.
In addition, the system offers a wide range of data security policy capabilities that keep organizational information within the virtual environment: blocking data copying to a user’s local environment, the ability to add a watermark, and blocking the ability to print screen and record keyboard typing.
A further problem is the granting of local admin permissions to developers within development environments, which results in loss of control over what is happening in your development environment.
Centrify’s Zero Trust technology puts a stop to the dependence on local admin in the development environment by building an admin permissions policy based on developers’ specific work requirements.
The system also allows granting permissions for a predefined timeframe, and if it identifies irregular activity by a developer, it requires strong authentication using an OTP when entering the development environment or when carrying out an operation requiring high permissions.
Any action carried out by a developer is registered in a log and also recorded by the system.
The system also includes a password management vault with PAM capabilities, nullifying the need for user names with static passwords for apps, scripts or running processes.
In conclusion, the use of Citrix Virtual Desktop technology together with Centrify’s Zero Trust results in a significant reduction in the risk of source code theft and greater control over what goes on in your development environments.