How do you prevent hired developers from stealing code?

Question

I'm in the process of opening up a company that will eventually hire 2-5 developers to work on a large web app.

My main concern is that one or more developers could steal the code. I could make them sign contracts against this type of thing, but I live in a country where the law is "bendable".

Is my only option to lock them up in a room without inet access and usb ports?

I'd love to know how others have solved this problem.

Since only developers can steal code, don't hire any developers. — Vineet Reynolds, Sep 05 '09 at 05:48
Is this a question about code, or a question about managing programmers? Shouldn't it be on programmers.se? — kojiro, Dec 28 '11 at 20:28
The same way you keep your business people from stealing your strategy? — Nathan Long, Mar 07 '12 at 15:04
Possible duplicate of [How do you protect code from leaking outside?](https://stackoverflow.com/questions/173875/how-do-you-protect-code-from-leaking-outside) — tkruse, Jan 10 '18 at 00:53
@Mitch Wheat they would have to be all chained in separate sound-proof areas, no contact with anyone else apart from you and they would speak the code or write in a paper. — Tiago Martins Peres, Sep 13 '19 at 21:07

score 49 · Accepted Answer · answered Sep 05 '09 at 05:26

49

Don't hire people you can't trust.
Break the app into sections and only let people work on a subset of the app, never getting access to the whole thing.
Make it worth their while - you're opening a company, hire people and give them some stock options. Make sure it's more attractive for them to make you succeed than otherwise.

answered Sep 05 '09 at 05:26

Mark Allen

1,230
1
15
17

4

The comprehensive answer, +1, absolutely. – Moayad Mardini Sep 05 '09 at 05:42
2

And should you find you've hired someone you can't trust, fire that person immediately with no access to his or her work computer (you might even disconnect it from the network until it has been cleaned) and while you are firing the person, have someone else changing all possible passwords they could know. Also always keep good backups ofbusiness critical systems. – HLGEM Sep 11 '09 at 20:34
1

This advice is impracticable. 1) The point of stealing code is to betray your trust. Nobody is a perfect judge of character. 2) How does it make sense to do this for a compiled app? CTRL+B=build. Build fails if sections of the code are missing. Headers and libraries are required to be present to build. 3) This is the only piece of advice that makes sense. – bobobobo Dec 16 '13 at 17:35
1) In these days of people betraying solemn trusts like with WikiLeaks, maybe you're right. It used to be that people believed the oaths they swore. 2) Perhaps you work on a single module which builds separately and interoperates with more of the program that you don't have source for. Example: Not everybody works on licensing. 3) What's worth their while now may not be worth their while tomorrow. Reputation would hopefully be another factor. – Mark Allen Dec 16 '13 at 20:06

score 26 · Answer 2 · answered Sep 05 '09 at 05:26

26

How about keeping them all happy and show that you appreciate their work?

answered Sep 05 '09 at 05:26

Cellfish

2,202
18
20

lol. Nice one! I was about to type this! – vpram86 Sep 05 '09 at 05:27
not working with all peoples ... – ABDULLAH MAKKI Aug 10 '20 at 10:51

score 25 · Answer 3 · answered Sep 05 '09 at 05:35

You may find that you think your source code is the valuable part of your business, but you can always build that again. Your real advantage over your competitors is usually in the people you hire, and in the business relationships that you establish in the course of naturally doing business.

score 20 · Answer 4 · answered Sep 05 '09 at 05:27

My suggestion is not technical but social: Make them feel good.

Most human beings have a moral base that prevents them from hurting other people who have treated them with respect and generosity.

There's a slim chance you'll wind up hiring a psychopath, in which case this approach won't work -- but then, it's likely to be the least of your worries.

score 5 · Answer 5 · answered Sep 05 '09 at 05:28

5

The only thing that occures to me is to make them sign a contract where you explicit that if they share any code outside the project ambient, they'll compromise to pay you a large amount of money. But there's no guarantee they'll not do it anyway ..

answered Sep 05 '09 at 05:28

yoda

10,834
19
64
92

score 3 · Answer 6 · answered Mar 04 '15 at 14:53

You can create a vitual environment (a virtual machine) with limited internet connection (only to specific servers - git/svn server, database server, etc) and no copy/paste possibilities. This virtual machine would be a standard environment with common developer tools. At the office a developer would remotely connect to the virtual machine and start developing without being able to steal the code. Of course he could print the screen or type the code on another computer but it's still very hard to steal.

score 1 · Answer 7 · answered Jun 06 '11 at 19:41

There are many encrypting softwares available to encrypt the code. Here is an example http://www.codeeclipse.com/step1.php In other words you can hide the code of one developer(one module) from the other developer and he will not be able to take the whole code himself in any case if you follow this approach.

Thanks Sunny

How do you prevent hired developers from stealing code?

7 Answers7

Linked