GitHub Enterprise operates on your infrastructure, which means it is governed by your existing information security controls: from firewalls and VPNs, to IAM and monitoring systems. This on-premises solution can help you avoid the regulatory compliance issues that arise when you use cloud-based solutions. Below is an overview of the security features built into the appliance, along with information about GitHub's development practices for application security.
GitHub Enterprise provides a Linux user administration account and two types of application users.
Organizations and teams provide the granularity necessary to assign permissions or access rights to specific users and groups of users.
Organizations are a core concept in GitHub Enterprise. They allow you to create as many logical containers as you need for your business units, and even for your projects. Each organization account functions as the owner of one or more repositories, and the organization owners can add users to the teams they create.
Inside organizations, you can manage access to repositories using teams. Teams are made up of members and repositories. When you add a repository to a team, you can choose one of three permission levels to grant team members:
GitHub Enterprise provides four primary authentication methods.
GitHub Enterprise is designed to run behind your corporate firewall. To secure communications over the wire, we encourage you to run GitHub Enterprise over SSL. An administrator can add 2048-bit or higher commercial SSL certificates for HTTPS traffic. Additionally, SSH for virtual machine administration and repository access using Git is enabled by default on GitHub Enterprise.
Having an accurate record of all user and system activity is a core requirement for many customers. GitHub Enterprise has detailed audit records, accessible to the site administrators, that capture relevant security information. The system also provides traditional operating system and application access logs.
While not an exhaustive list, the following are some examples of the audit and logging information available:
Audit logs are permanently stored on the system, and both types of logs can be exported from the system in real-time using the standard syslog protocol. You can also specify multiple log forwarding destinations. This enables you to integrate this data with remote systems, such as an IDS/IPS, for analysis and notification.
GitHub Enterprise is built on a customized Linux based operating system. Only necessary services and applications have been installed, and only services necessary for the appliance to function are exposed to the network and access is controlled through an internal firewall.
GitHub's application security team focuses full-time on vulnerability assessment, penetration testing, and code review for GitHub products. GitHub also contracts with outside security firms to provide point-in-time security assessments of GitHub products.
Patching of the core operating system, and running services to address security concerns, is managed by GitHub as part of its standard product release cycle. This includes patches for functionality, stability, and non-critical security issues for GitHub applications. Critical security patches are provided as needed outside of the regular release cycle, to improve time to resolution and also limit changes to the system.
Security-only patches are announced on our Enterprise customer portal, and also with email notifications.
By design, GitHub Enterprise is able to operate without any egress access from your network to outside services. The system administrator can optionally enable the integration of external services including SMTP, Syslog, and Gravatar.
The system does not attempt to communicate with GitHub's own servers; however, your system administrator can collect data helpful for troubleshooting any issues, and manually deliver that data to the GitHub Enterprise Support Team.