Daily Communication——Release of Code on GitHub

Daily Communication——Release of Code on GitHub

março 21, 2019 | Mina Hao

Case Analysis

Before compromising a website or system, a hacker usually searches for related information beforehand. Code repositories are a major target. A security-unaware developer may upload code to a public platform, providing an opportunity for hackers to obtain API accounts or security holes by analyzing the uploaded code.

Security Tips/Takeaways

  • Save website, system, and product code on the SVN server permitted by the company.
  • Use the company’s VPN to connect to the development machine for work at home. Do not use a network drive or code repository to share code.
  • Do not copy the code of important systems to USB flash drives unless authorized by the company. Code copied to USB flash drives must be properly protected and immediately deleted after use.

Daily Communication——Print of Documents at a Print Shop

Case AnalysisCase Analysis

Print shops often keep clients’ documents on their computers for a long time. No one urges them to delete these documents regularly and clients can copy arbitrary documents from these computers. Therefore, this is a scenario where sensitive files can be easily disclosed.

Security Tips/Takeaways

  • At a print shop, documents should be printed directly from the USB flash drive, without being copied to the print shop’s computer.
  • Conditions permitting, use an anti-copy USB flash drive to prevent intentional copy of files from the USB flash drive to a computer.