Loading...
Answers
MenuWe're developing a web product with a team of 10 developers. How can I protect my source code if anyone leaves the company?
What can I do to protect my tech IP so that any developer leaving the company can't steal the source code?
Also, I want to give laptops to my team members so that they can work from their home, however I am not sure what process I should follow to protect my tech assets.
Answers
If you're using source control, it's easy to track source and control access — or revoke access — if someone leaves the company.
Also, your developers should have signed a contract about the project itself that clearly places the source code under your/the client's/the company's control, and if/when they leave, they release all rights to code created under that contract.
You can never be 100% sure, but these small steps will at least ensure a legal high ground should anyone steal code.
Good luck!
I have intern for a company that sees a lot of developers for projects, along with a different company that was very strict with VPN access.
First of all: contract, contract, contract. Non-compete and NDA at the least. We can have all of the security protection in the world, but if you don't put in legal writing that the IP and any code that you write for the project belongs to them (including anything written on the machine you provide), then there's no legal bounds for stealing the code.
One common way is to minimize local files on the computer; if an employee steals the computer, all of the files could be there. Host that on a secure server with authentication. You can also add another layer of protection with VPN access to the server. Doing this, you don't have public access to the server that hosts your code. Hard drive encryption also protects the employee and yourself from theft; even if the computer is stolen, BitLocker will render that data useless when the thief tries to take the laptop out the computer.
There are many many other mechanisms you can have in place, but that should get you started about the mindset you'll need to protect your source code.
What programming languages are using ? What operating system ?
If you are on windows platform , you can enforce security so the devices and operating system. If you are using Microsoft compatible programming languages, you can use TFS as a source control and ticketing system. You can also use token based systems / cisco vpns and enforce security policies so that users can only use the internal servers / network to commit the code. ( Your IT Department security consultant can help with that ) .
If platform level security can't be guaranteed, you can still use distributed source controls, like GIT or SVN. Software management systems, like Jira or Versionone, can be used for the ticketing, and you can use smart commits for every commit, to help link code on feature basis . That also can be a base for a future plan for implenting TDD and continuous integration .
Finally, your team should be singing an NDA and make sure you work with people with work ethics. Motivate your team to be your asset and grow with you. This is your 100% guarantee.
Let me know if you need more help. .
Good Luck!
As everyone has mentioned , it all starts with your NDA and your employment agreement. Next keeping a highly motivated team that has a healthy culture of ethics. Finally from an architecture perspective you might be well advised to figure out a way to modularize things so not all people get all source. There are ways to do this which can be a benefit to the system you are making, the teams and responsibilities of the staff as well as a physical separation of concerns and access to help mitigate your problem of code availability.
Good luck!
Protecting the source code isn't trivial, since there are plenty of ways to get access to it, one way or the other, with the right motivation.
Step one is NDAs and non-competes, so that you can protect the IP if needed, in extreme cases.
Step two is hiring people with certain reputation. A lot of the good developers are involved with communities of some sort - related to the programming platform or something else. They maintain GitHub profiles and use other methods to be respectable in their niche. Those people are less likely to turn against you and perform shady activities, since their reputation can also be affected.
Step three is communication. Most of the internal conflicts happen due to the lack of proper communication - people getting rejected in a rude way, or not treated properly. Whatever happens over the months (years) can be communicated properly. Even if you part ways one day, it would be clear what the reason is, and it will be justifiable.
Most conflicts happen after a serious company drama that escalated with time, and with the right contract and attitude they could be prevented as well.
Legally or physically?
Unfortunately, the reality is that you just have to assume that everyone who has access to your code has a copy of it on their home PC. They probably don't, but there's very little that you can do to stop them if they wanted to. Think of it this way - have you ever met someone in sales who didn't have a copy their rolodex and some good sample contracts at all times?
The "good" news here is that just having IP is not enough. Software development is so fast and efficient these days that even starting with code, unless you have some very particular formulae (and if you do you should keep them somewhere else with limited access to that code), most of your code is not particularly relevant. To anyone wishing to compete with you its probably fairly simple to copy your product, but much harder to copy the business itself. If you have reasonable employment agreements you can probably make the risk of copying greater than the benefit that a new competitor would get by doing so, and that's often the best you can do.
That's both a blessing and a curse. I've started a few successful "product" companies that relied on SaaS software and would be happy to discuss it further if you like.
As a startup founder, I have the same problem as you do. I researched online and found very few tools (https://ontoborn.com/ontoarmour) that solve this problem.
Related Questions
-
UDEMY: How to detect which niche is still profitable?
I've had great experience as a user of Udemy and write my own courses but offer those privately for my clients. It's always better to build a course that answers a specific need. Think about the avatar for your business. You can't meet everyone's needs. Build a course with no more than 8 segments or modules with 4 - 8 learning segments within each module. You will allow the user to achieve rapid and measurable results by completing each section and ending each module with an assessment (quiz) that further validates learning the skill. Udemy is easy to use so you will have a broad audience looking for specific needs.JE
-
If I come up with a coaching methodology / formula, is it protected under Copyright?
(I'm a small biz attorney who helps people with copyright, trademark, and other IP law, and I'm answering per U.S. law.) As soon as you take your idea and put it into a tangible format (write it down, create an infographic, record a video), then that writing/infographic/video is automatically protected by copyright law. You can record the copyright on it too, which makes it easier to protect and get damages from other people taking it. But the formula itself would be probably protected under trade secret law or patent law. Patent law obviously takes a bit more effort, because you have to apply for the patent and get your application examined by the USPTO, which takes years and $$$. Keeping it protected under trade secret law means you have to make an effort to keep it secret (which may not work if you are disclosing it as part of your marketing efforts), such as keeping it confidential and requiring NDAs. As someone else said, the other terms you use might be protected under trademark law. If a member of the public would use those terms to link your products/services with the source of the product/service (aka, your company), then they could be trademark-able. There are some state law protections for trademarks, and you can also file to register the trademark with the USPTO and get more protection. Hope that gets your started!EP
-
What are the hottest technological innovation today that are investment-worthy?
Investors on the East Coast and West Coast are polar opposites. It's a generalization, since there is variation within those regions as well, but here are a few generalizations to help you play to your audience. BAY AREA: Big ideas (with some foundation under them) win, the kind of ideas that can produce 1000x+ returns. If the space is going to be owned by whichever company gets to market with a good product first and/or the value will be in billions if they own a huge market (think SnapChat). PHILLY/NYC/ETC: Great for biotech. For SaaS and other tech, focus less on "hottest" innovations and more on how to displace industry leaders in big markets (like SalesForce) with something that is simpler and solves a major pain point in a way that the industry leaders do not. IMPORTANT: Regardless of which region you plan to raise funds in, ignore what's "hot" and focus on where you have unique insight and experience. If you are an engineer, try Internet of Things or a startup catering to some engineer-heavy industry you're familiar with. If you're a doctor, don't try to start a social network for teens - start one for patients and their family/friends (another hot space), or something else highly related to your experience. If you have credibility in your space, your odds of success are MUCH higher, and therefore investors will be more eager to invest in you. If you want help identifying the right investors and creating a pitch deck that doesn't get thrown in the trash, schedule a call and I'll sign an NDA if we end up getting deep in the idea together.RD
-
How can I sell a product with someone else's IP?
If the person doesn't have a patent, trademark, or copyright on the thing you want to copy, then you can copy as much as you want. Current IP law in the USA is "first to file" (see: https://en.wikipedia.org/wiki/First_to_file_and_first_to_invent) If the person has any of those things, and you want to copy them legally then you have to ask them for a licence. If the person has any of those things, but doesn't have the money to sue you for infringement, then you might be able to copy it with legal repercussion. That wouldn't be very cool though.LV
-
If I have a clause in my contract where any "Derivative" works are owned by the company -- what are the limits of this were I to create something new?
This is a tricky question as you are entering a gray area if you are using material from Book Z to inspire your own book. Derivatives works are highly litigated and there is case law that you could turn to to help you make this decision but based on your example its going to be a fine line. You would have to be able to distinguish the products as two very separate works. Since the original book Z is inspiring your new book this may be hard to do. It might actually be easier to talk with the original author about your future plans and develop an agreement between the two of you where he waives any claims he might have here in exchange for recognition in your book. Just an idea--FYI- this is NOT LEGAL ADVICE. You should consult with an attorney in more detail here.MS
the startups.com platform
Copyright © 2025 Startups.com. All rights reserved.