Internal security
One of Sourcegraph’s top-level principles is to keep our customers’ data private. In the same way, maintaining the integrity and security of our internal data, employee information, and systems is critical.
As we attempt for SOC2 certification we are also acknowledging that we are more susceptible to attacks, putting our IP, our client’s data, and our teammates’ personal information all at greater risk of being compromised. These are the steps we are taking internally to proactively prevent malicious attacks and threats and protect our resources.
Required security measures for all full-time teammates, interns, and temporary contractors:
- Setup up your computer according to our requirements
- Follow password guidelines for accessing/administering systems as well as for protecting your devices
- Attend security training (in work)
Security measures Tech Ops is taking:
- Institute baseline device standards
- Enable enpoint management and antivirus solutions, such as Workspace One and Carbon Black
- Set advanced phishing/spoofing settings
- Run quarterly system reviews (in work)
- Perform internal audits (in work)