While DevOps drives innovation and simplifies collaboration, it also comes with its own set of risks and vulnerabilities. Developers rely on Git-based platforms like GitHub, Azure DevOps, Bitbucket, or GitLab to work on code.
Repositories usually contain mission-critical data, and with growth, teams expand and their workflows get more complex — all leading to more potential risks that could affect your data.
The Shared Responsibility model
The division of duties with regard to SaaS data protection is outlined in platform-specific shared responsibility models. You, as a customer, are responsible for the data stored in your SaaS accounts. Platforms like GitHub are not obligated to help you with data recovery.
The service provider is responsible for the uptime of their service, while the users’ duty is the security of data, accounts, and devices.
That means users must implement strict access controls, protect credentials, and use automated backups, all to secure data against ransomware attacks, human errors like accidental deletions, and service disruptions. Moreover, SaaS platforms themselves advise their users to implement their own backups.
Security differences between platforms
The leading distributed VCS platforms, like GitLab, offer built-in security features. These can help with building a cyber defence strategy. The specific controls and tools differ in each platform and range from personal access tokens (PATs) to access controls and regular reviews.
GitHub
In GitHub, users get native controls that include secret scanning, push protection, code security features like dependency review, and Dependabot alerts.