Using your IT department's technologies to provide protection from unauthorized users is a great "free" line of defense for your source code or builds. This defense is free because it is maintained and provided by your IT department and should not come out of your group's budget. The following is a list of inherited security you can get from your IT department:
If you work with your IT department, you should also be able to automate a lot of security measures, such as these:
I mentioned in Chapter 4, that it is better if your IT department does not maintain your build machines. I still think this should be the case, but rely on your IT department to maintain and control your corporate network, including restricting how users log in remotely or onsite. This is the security area outlined in this section. |