I’d like to ask if there are best practices regarding the case in where a work account that uses GHE (Github Enterprise) coexists with a personal account that uses Github inside the same machine.
I’m concerned specifically about the following points:
- Employees might inadvertedly push our client’s code (a repo from GHE) to their personal accounts, leaking client’s information.
- Commits on a repo might be performed by the wrong account. (We don’t want our client’s code to contain personal account’s commits.
- The ease of pushing / commiting with the wrong account might vary depending on the Github client used (SourceTree, Tower, etc.)
Our GHE is configured to work with SSH keys.
Personal Github accounts are still not allowed within company computers, but we would like to asses the possibility of allowing them for specific cases if security risks can be avoid.
Any information or clarification about these issues will be greatly appreciated.