8 ways to manage GitHub user permissions
Just like the pandemic the world is going through, many companies are also suffering from a “cyber epidemic” due to a significant increase in cyber attacks, and it is imperative to secure their code. Read this article to walk you through how to maximize security permissions before code is released to GitHub, as well as review the creation of a plan to lock down the multiple layers of permissions and tools required in the GitHub development process.
1. Know your GitHub account type
GitHub has three account types with varying amounts of access control.
- Personal account: This account allows only one owner to add project collaborators.
- Organizational Account: This account type controls access based on team structure. It allows more detailed access across multiple team members.
- Business Account: This account type includes strong access controls across multiple organizations. For added security, it offers a local hosting option. This option ensures that GitHub repositories are inaccessible on the internet without secure corporate network virtual private network access.
Find out what type of accounts your development team has so you can take advantage of all available access.
2. Centralized access management
Centralizing access and permissions to administrators simplifies the management of external collaborators and also reduces the cost of GitHub access.
GitHub server access
GitHub provides the following types of access for development. Set access levels based on developer roles.
- Read: Enables developers to view and clone the codebase without making changes to the code.
- Classification: Enables developers to manage to pull requests without write access.
- Write: Enables developers to simultaneously commit new code to the repository.
- Maintenance: Enables project managers to oversee the codebase without granting access to sensitive operations.
- Governance: Gives developers full control over the codebase, including securing and deleting the codebase.
Avoid setting access permissions on demand. While convenient in the short term, roles and positions within the project may change as the project develops and over time. To maximize access security, designate one person to work exclusively on and grant the minimum permissions required for the project.
Organizing Administrative Access
If you have an organization owner account, you can add new users to the repository and control their level of access. You need to determine the basic rights profile for your organization. Basic permissions are automatically applied when you add new members to your GitHub repository. By default, for maximum security, make sure that basic permissions only have read access. Grant broader access only when needed.
3. Secure your codebase
According to a study published in 2019, a comprehensive scan of public GitHub repositories found more than 570,000 instances of sensitive data in total on the platform. These instances include API keys, private keys, OAuth IDs, AWS access key IDs, and various access tokens. The main risks of these types of exposures include financial loss, privacy breaches, compromised data integrity, and misuse of information. Try the following practices to protect your codebase.
Restrict codebase visibility
A poorly configured server or a developer with poorly configured access rights can inadvertently change the visibility of the codebase. To avoid this and ensure maximum security, limit codebase visibility changes to the organization’s owner account or the project’s admin level.
Implement single sign-on
Organizations with GitHub Enterprise can use Single Sign-On (SSO). With SSO, organizations can use their own accounts and access rules without requiring developers to use GitHub accounts. SSO limits potential human error and password reuse issues.
Disable forks (fork)
With limited read-only access, developers can easily copy entire codebases using Fork. The code repository may initially be private, but a fork can quickly expose everything into the public space. The risk increases exponentially with each fork, creating a tree-like chain of security breaches through the exposure of sensitive data. To avoid these situations, disable Fork for maximum security.
4. Verify access
To keep your GitHub account and data secure, require and manage authenticated access.
two-factor authentication
Two-factor authentication (2FA) provides security by requiring multiple credentials when authenticating logins. For maximum security, GitHub recommends using a time-limited one-time password (TOTP) service, such as LastPass Authenticator or Microsoft Authenticator.
SSH authentication
Users set weak passwords or share passwords among multiple services, creating security risks. To avoid such risks, use an SSH private/public key pair to authenticate operations on the server. For added security, GitHub supports automatic SSH key expiration and rotation, which limits the access window even if the SSH key is compromised.
personal access token
For smaller projects, use a personal access token. Personal access tokens work like SSH keys, but don’t provide automatic rotation and need to be set up manually by the GitHub account owner.
5. Restrict access to a list of pre-approved IP addresses
Locking access to GitHub servers to a pre-approved list of static IP addresses is one of the easiest and most straightforward ways to secure access. With IP restrictions, hackers must identify and infiltrate computers on a pre-approved list before attempting to access your GitHub repo. Even if your login credentials are compromised, it’s a significant hurdle for them.
6. Timely revocation of permissions
To maintain the highest security standards, access rights need to be managed finely and regularly assessed during project development. When employees leave a project or business, promptly modify or revoke their access. This method follows the principle of least privilege, i.e. granting the permissions required to perform a specific task. Doing this will ensure that everyone with access to the code is only working within their purview.
7. Key Management Solutions
One of the biggest security risks to GitHub repositories is the carelessness of developers, not the intrusion of infrastructure by malicious groups. To maximize the security of your codebase, consider key management solutions. These solutions automatically prevent sensitive information from reaching GitHub repositories and clean up repositories if sensitive data has been compromised. Several GitHub tools handle different security modes, such as:
- git rebase, a command-line tool for removing known sensitive information accidentally committed into code.
- truffleHog is a powerful data mining tool that helps researchers easily search for high-entropy strings and sensitive data (such as API keys, tokens, and access credentials) from target Git repositories. This information is used to improve the security of your own codebase.
- Git-Secret , is used to encrypt the files in the git project to prevent the git project from being leaked online.
The key management solution needs to be integrated directly into the CI/CD pipeline, and AI and machine learning algorithms must be used to automatically identify and block before pushing it to the GitHub repository.
To prevent secrets from being exposed in the first place (even by accident), implement the “Secret Vault” security policy. Secret Vault is a self-contained system for storing sensitive information. Vault, on the other hand, is a tool for protecting highly sensitive data while providing a unified access interface. With Secret Vault, tighter access controls and audit trails can be enforced, and vulnerabilities and breaches can be easily detected.
8. Develop a security plan to protect your code
When developing a safety plan, keep the following in mind:
- Enforce security standards within your organization and store all sensitive information in a Secret Vault or secure key store.
- Classify sensitive information used in your organization . Understand where your organization may be vulnerable, whether it’s database passwords, API keys, tokens, or admin panel URLs.
- Most importantly, realize that human error is often the source of security breaches. The high cost of dealing with security breaches can spell a “dead end” for a business or organization.
Enterprises can try these scanning tools and integrate this tool into the CI/CD pipeline to effectively prevent sensitive information from being committed to GitHub repositories.
