I quit my job to start my own SaaS product. I’m now looking to hire my first employee (another developer).
I will be taking appropriate legal precautions to protect my IP, but I’m wondering what other reasonable actions that I can take to further protect my code / data. The last thing that I want happen is what happened to Tesla where someone dumped the source code onto iCloud and ran off with it to a competitor.
I know that it is practically impossible to prevent this 100% from happening and that I need to make sure that I hire quality people and offer meaningful pay and have the appropriate legal documents signed. Apart from this, what else can I do to protect myself from inside threats? I am pouring in my entire life’s savings into this and I will be devastated to lose what I spent the better part of 2 years coding.
Here’s what I’ve thought of so far:
- Buy a work laptop for them
- Encrypt the hard drive (like with Bitlocker)
- Disable all USB ports
- Create a non-admin / limited user account with no install permissions and just the IDEs (e.g. Visual Studio) installed. I use Windows 10 for most development with the exception of a Mac for the iOS portion of the app development.
- Install some kind of employee logging software.
- Disable access to file hosting websites.
- Somehow detect and stop when a certain folder is being uploaded or copied somewhere?
- Somehow make the git repository only accessible from that machine.
- Install some kind of remote admin management system? Azure Active Directory or something?
This must be a common problem for businesses but I must be searching for the wrong thing because I can’t seem to find a guide anywhere on this issue.