The enterprise love affair with GitHub cloud

With over 100 million developers and 370 million repositories, GitHub is the world’s most popular platform for source code management and a driving force behind today’s open-source revolution.

Its popularity among enterprises is particularly astounding.90% of the Fortune 100manage their software on GitHub, and that number is only increasing.

As an official partner, Modus Create frequently receives requests for implementing GitHub solutions at enterprises — from GitHub Actions to GHAS. One particular trend that’s picked up steam in recent months is GitHub cloud migration.

Enterprises are increasingly moving their repositories to the GitHub cloud from SVN tools, other Git solutions, and even GitHub’s on-prem version. But why? As is often the case with major trends, both seasonal and evergreen factors are at play.

GitHub Cloud’s centralized user management

A major reason behind enterprises moving to the GitHub cloud is to get more control over their user accounts. Once you have aGitHub Enterprise Cloud (GHEC)and Enterprise Managed Users (EMU) account, you can integrate it with Azure Active Directory or Okta. This lets you control usernames, profile data, team membership, and repository access for user accounts from your IdP.

Centralizing user management on the cloud helps enterprises from a security/compliance perspective, as it prevents users from creating public repositories or using their own GitHub accounts. Although this isn’t viable if you want to have a lot of open-source projects and a community of contributors, it’s less of a concern for highly regulated customers such as banks and pharma companies. Enterprises that run open-source projects often have a separate GHEC account (and budget) to support them.

Note: GHEC + EMU supports a variety of IdPs (source: github.com)

One current limitation with GHEC is that EMUs only support Azure AD and Okta. So you’ll have to switch if you’re using another identity provider or wait for GitHub to include more options.

Cybersecurity on the cloud

Cybersecurity is now engrained in every part of product development and digital initiatives, even the user experience. Users increasingly demand and expect data protection, causing global enterprises to beef up their security postures.

59% of organizations surveyed for Modus Create’s research report on Investing in Digital Transformation and Product Development plan to improve their cybersecurity posture in the coming year, making it the most popular digital initiative for the second year in a row.

Launched in 2019,GitHub Advanced Security (GHAS)is a set of security tooling by GitHub to help developers identify andremediate cybersecurity vulnerabilitiesin their code. Migrating to the GitHub Enterprise Cloud helps enterprises take advantage of GHAS as it provides starter workflows for security features such as code scanning, so developers don’t need to start from scratch.

Static Application Security Testing (SAST) helps identify and analyze potential security vulnerabilities in an application’s source code, binary code, or software architecture before the application is executed or deployed. Enabling it directly in GitHub is incredibly easy. It reduces the overhead of running either commercial tooling, such asSonarQubeandVeracode, or wiring in open-source tooling, such asHorusec. GHAS also supports dependency checking for CVEs and EOL packages (Dependabot) and has a comprehensive secrets scanning mechanism baked in.

Availability of GitHub Advanced Security features for public and private repositories (source: github.com)

Since GHAS handles everything from tagging issues by severity to recommending fixes, it can help teams quickly triage and clean up issues. You also bolt it onto the existing license costs, so you don’t have to deal with another vendor.

“Thanks to Dependabot, we were able to act very quickly to mitigate the Log4j vulnerability because we could easily see which repos were affected.” —Sherin Mirza, DevOps Transformation Lead at Shell

How GitHub Cloud elevates the developer experience