I am developing a web application by using ASP.NET. I would like to hire some developers to speed up my process but I am afraid what If my members take my code and go away? I am just wondering how big companies maintain their product code without falling into wrong hands. For eg: As I said you earlier I am hiring some staff to my speed up my process but you know every man is not same. Some people may work hardly and some may get the whole code and leave.
So my question is how big companies like Microsoft, Facebook, Yahoo keep their code protected?
Facebook currently have nearly 8,348 members (September 2014). If I say each and every person have the full Facebook code am I right or wrong?
So what are the best practices should I follow if I hire staff members to speed up the process?
7
You’re overestimating the importance of source code, and underestimating the importance of everything else in the value chain of selling software.
Sure, a contractor might steal your source code. But what then? Will they be able to create a release, maintain the code further, contact your customers and sell them a knock-off for a lower price? Almost certainly not. Particularly for extremely large companies like Microsoft, making money from software involves a hell of a lot more then compiling the classes and shipping them to people for money. Nobody could possibly steal the Windows source code and proceed to put Microsoft out of business; the legal, practical and logistical hurdles are just way too high to pull that off.
That leaves the fear that by reading the source, competitors will learn the clever tricks you used and gain an advantage. This, too, is almost always grossly overrated; if your ideas are any good, you will have to ram them down people’s throats! Software succeeds big not because it uses clever tricks, but because it fulfills a need accurately. Successful software shops do good market research, gather good requirements, have a solid production and testing process in place and generally do things in the most predictable, easy-to-plan way.
To be sure, sometimes there is a market advantage to be gained from having more brilliant engineers than the competition. Read Paul Graham’s description of Viaweb one day – the competition didn’t even know they were using Common Lisp! But are you really a Paul Graham? Probably not.
(And Microsoft does in fact make windows source code available to many partner universities – under non-disclosure agreements, to be sure, but still, exactly to the people that might use the ideas gleaned from it to compete with Microsoft! But this never happens, because possessing someone’s source code doesn’t magically equate to usurping their market position.)
3
Why focus on how big companies handle it when small companies also have the same issues? I’m the sole backend developer for a small company and have access to all of my company’s Git repositories, both at work and at home. In theory I could take all this work and run off with it at any moment. There are many reasons why I don’t including, but not limited to:
- Theft is illegal
- Losing my job means losing my paycheque, which is probably going to be worth more in the long run than any single project I could steal unless it was really, really good
- Stealing the code is not stealing the infrastructure. I have neither the capacity nor knowledge required to run and maintain Facebook on my own even if I had full access to the source code
- Stealing the code is not stealing the audience. There are already plenty of Facebook clones, people aren’t going to flock to a literal clone just because it exists
- Stealing the code would prevent or severely hinder me from getting another job in the field due to nobody else wanting to hire a source code thief
In short, there’s very little incentive to actually steal code. I think the bigger issue is giving programmers the inspiration to develop your idea on their own in their own way, but at some point you have to be willing to trust your project to other people if you want them to be able to work on it. It’s a gamble but unless you’re going to do all the development work yourself, it’s a gamble you’ll have to take.
Large companies do restrict which of their employees has access to their source code. And having access to source for one product does not mean you have access to source for all products.
But I think this has less to do with preventing the kind of theft you’re talking about, and more to do with avoiding accidental changes to the wrong code.
One of the large companies you named definitely had an incident where an employee or intern posted some source code online. They weren’t happy about it, but in the end the damage was mainly reputational (i.e. they allowed it to happen).
I’m with Kilian. The source code just isn’t as important as you think it is. I create source code and would love to believe the fruit of my work is the most valuable thing my client possesses, but it simply is not.