For a lot of companies, their project's source code is extremely valuable for them -- thievery from the source code is extremely pricey. Keeping source code tightly controlled on the local network is an excellent method to assist safeguard it.

However, you will find benefits of hosting source code externally, whether it's just a subversion or git server located on dreamweaver, or perhaps a full solution like github or cvsdude.

In many of these cases, there's the chance that an worker or any other insider could access your company's full source code and history, although most probably this risk is comparatively small.

Are these real fears, or should companies not be worried about them and rather take advantage of the benefits of 3rd party hosts?

What are the large effective companies presently hosting their private repository on among the 3rd party source code management websites?

It all is dependent how much a strong feels safe outsourcing. You will find lots of common IP work pieces to delegate. Here are a few, together with the potential risks to IP:

  • Development: Contract developers may have heard a great deal about your IP
  • Hosting: Your Internet host has all your code
  • Accounting: An accounting firm understand all the particulars about your financials
  • Legal: Lawyers understand all the particulars about purchases, pre-filed patents, etc.
  • Manufacturing: Contract producers have the IP associated with creating your products
  • Email: Outsourced email gives your host just one database with the communications
  • Telephony: Your telephone company could snoop in your lines

Basically, source code hosting is the same as outsourcing every other bit of the IP stack -- except it's more recent so people haven't had time for you to adjust. Every firm includes a different balance of comfort outsourcing each area of the stack, but the truth is every factor you delegate is definitely an chance for somebody to steal your IP. Ultimately, it boils lower to locating a reliable vendor. The infamously paranoid Apple finds manufacturing partners to create their hardware.

IMNSHO the main reason to delegate source code hosting is identical reason a strong outsources anything: it isn't their core business. Outsourcing the hosting of the databases for any year might cost just like 2-3 hrs of the developer's time if he stays additional time than that each year maintaining the repository, you've basically lost money. (This is correct even when he is not compensated on an hourly basis since you only reach steal a lot of of his weekends before he takes time back by investing more work time on Twitter).

Disclaimer: Sometimes for ProjectLocker, a resource code hosting firm.

Most probably if the organization violates their tos and steals or exposes your intellectual property, you are able to initiate law suit against them?

I frankly aren't seeing any advantage in storing your company's precious code on a 3rd party server, only potential issues ... There might be a lot of frightening situations which i will not even attempt to imagine all of them.

Aside from the effort to set up and gaze after for example a SVN server is very reduced, also the price of getting say a devoted server for this function, and so i aren't seeing any reason behind not storing your personal code.

You may be forced to utilize a 3rd party just in case you do not have the abilities, or even the money to purchase a server or whatever, but selecting this method purposely ... it is a obvious NO-NO in my experience.

Any company relationship requires some degree of trust. If you won't want to do-it-yourself, because it might be more costly to do this, you'll have to trust someone, we do all of it time.

You are able to, as pointed out, hedge a few of the risk by making certain a good agreement of discretion and liability is available which your lawyers can seem to be confident of the slam dunk situation to recuperate damages. You cant ever get rid of the risk when confronted with organizations not beneath your control. Actually, a lot of companies won't ever accept be responsible for problems.

If you cannot cope with the danger, or pay the risk, you need to function it internally rather than searching to file a lawsuit if something does happen.