Solved

How do companies protect source code?

Posted on 2016-10-14
4
53 Views
Last Modified: 2016-10-21
If I've built an SaaS app in PHP, and am now hiring other developers, how can I ensure that the source code is not stolen?
0
Comment
Question by:Stephen Forlance
4 Comments
 
LVL 108

Accepted Solution

by:
Ray Paseur earned 250 total points
ID: 41844428
Hire only developers you trust!  Write strong contracts and be prepared to spend the money to enforce the contracts.  Have good lawyers.  Segregate the components on well-defined interfaces and only assign programmers to single components.

When companies protect source code, they often use obfuscators like Zend Guard.  But more and more programs are being put into open-source, or housed in a cloud environment and offered as a service.  It's usually the data that matters, rather than the code.  Most of us can see the action of the service and quickly envision how to write the code that "just does that."
1
 
LVL 23

Assisted Solution

by:Dr. Klahn
Dr. Klahn earned 125 total points
ID: 41844453
Given the generosity of compilers with code size these days, it's hard to protect source code when running a dynamic debugger against the code reveals the source.

Everyone has a price.  All it takes is for one of your competitors to find the price of one of your employees.  A million dollars is not as much as it used to be, but for some people it's enough.  If you hire H1-B employees, it's enough to buy a dozen of them.

Therefore:  IBM and the BUNCH knew a long time ago that it's more profitable to sell the service, not the code.  You can sell a service contract over and over again, every year.
0
 
LVL 51

Assisted Solution

by:Julian Hansen
Julian Hansen earned 125 total points
ID: 41844464
Developers on big projects usually only get to see a part of the codebase they are contributing to. In most cases code snippets on their own are not enough to be worth stealing - and I have always maintained if the code was developed by the developer - he does not need to steal it as it is already in his head. This does not cover other code or intellectual property that the developer did not author.

As Ray mentioned trying to lock down Web code is not really feasible. Your USP should be your business model, partnership agreements, data and customer base. There is not much you can do as a web developer that cannot be copied by just looking at what the code does. Much of the interface exists in the browser these days anyway in the form of JavaScript.

There are instances however, where you have developed IP that resides on the server that has value - and is not obvious from the browser side. At the end of the day you are going to have to trust someone. A legal document discourages theft - it cannot prevent it.

Most top developers are professionals - who have spent many years plying their trade - it is unlikely they are going to compromise that.

Having said that - we do work for film production companies and some of them can be really strict about how you handle their post production material. The legal contracts are a given but you also have to prove that your environment is secure. USB ports must be disabled. All internet connectivity is through a proxy that allows only certain traffic to and from specified destinations. You are not allowed to bring phones or cameras in to the work space. You cannot have access to your normal email or normal web services. And in some extreme cases you are searched on arriving and leaving the office. Not sure how many software companies do this - but it is an option.
0
 
LVL 25

Expert Comment

by:madunix
ID: 41845423
Get a trusted people;  make sure you have nondisclosure agreement (NDA), to protect the confidential information from being disclosed.
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Although it can be difficult to imagine, someday your child will have a career of his or her own. He or she will likely start a family, buy a home and start having their own children. So, while being a kid is still extremely important, it’s also …
This article discusses four methods for overlaying images in a container on a web page
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now