Most secure method for allowing remote access to source code

Most secure method for allowing remote access to source code

My company has recently started using Visual Source Safe, which is proving to be a great asset. Now, we are looking at ways of utilizing its capabilities remotely. I've read up on a few programs such as SourceOffsite, which does straight TCP linking with 128 bit encryption through SSL. My question is whether this is the most secure method for allowing remote access to source code. It is important to note that I am in the midst of setting up my first ISA server and through my readings know that I will be able to set up VPN access as well as do server publishing. What I'm looking for is the absolute most secure method for allowing my developers to access a VSS server remotely and what potential risks/threats we would be exposing our network to regardless of the most secure solution. I know this is a lot, but if you could shed any light on the topic or point me in a good direction, that would be great.

    Requires Free Membership to View

    Login

    SearchSecurity.com members gain immediate and unlimited access to breaking industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.com today!

    Michael S. Mimoso, Editorial Director

    By submitting your registration information to SearchSecurity.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchSecurity.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

I've been reviewing this question for a few days now and think the best answer for your question is to provide standard best practices for all applications using a VPN and SSL. The VPN will provide packet protection for encrypting the packet and headers. SSL will further protect the data. The VPN will wrap the data packet and provide point-to-point (user to company) protection, while the SSL will provide end-point to end-point proof of protection.

Your question is rather complex and requires many more questions and answers, but I think the answer above should lead you on the correct path.

For more information on this topic, visit these other SearchSecurity.com resources:
Best Web Links: Infrastructure and Network Security


This was first published in January 2003