Security issues from using Github and Github Enterprise on the same machine.

I’d like to ask if there are best practices regarding the case in where a work account that uses GHE (Github Enterprise) coexists with a personal account that uses Github inside the same machine.

I’m concerned specifically about the following points:

  • Employees might inadvertedly push our client’s code (a repo from GHE) to their personal accounts, leaking client’s information.
  • Commits on a repo might be performed by the wrong account. (We don’t want our client’s code to contain personal account’s commits.
  • The ease of pushing / commiting with the wrong account might vary depending on the Github client used (SourceTree, Tower, etc.) 

Our GHE is configured to work with SSH keys. 

Personal Github accounts are still not allowed within company computers, but we would like to asses the possibility of allowing them for specific cases if security risks can be avoid.

Any information or clarification about these issues will be greatly appreciated.

Hi @oskarperedo,

You may be interested in this GitHub Enterprise configuration tool that Autodesk put together for use cases similar to yours. It uses a git config trick to block pushes to dotcom by default. While this is a third-party tool which we do not directly support, Autodesk has partnered extensively with the GitHub Enterprise team to create several tools for managing GitHub Enterprise easier.

Please let me know if this helps or if you have any additional questions.

Thanks!