What additional services should Azure provide?

ip restrict access to visual studio online

Our company houses our source code in Visual Studio Online. Currently a developer with an account can log in from home and download our entire code base which is basically our intellectual property - not good if they are about to resign and go to a competitor.
My suggestion is to allow IP restrictions on downloading code/workspaces. The rest of the site should be accessible from any IP, but users would be forced to VPN into the office to access the source code.

141 votes
Vote
Sign in
(thinking…)
Password icon
Signed in as (Sign out)
You have left! (?) (thinking…)
Simon D'Morias shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

12 comments

Sign in
(thinking…)
Password icon
Signed in as (Sign out)
Submitting...
  • Chad Vogel commented  ·   ·  Flag as inappropriate

    This has been the biggest reason I haven’t been able to get few clients to go for TFS on-line because limiting SSO to internal addresses mean making services like office 365 only available to VPN users

  • maria john commented  ·   ·  Flag as inappropriate

    IP restriction is only enforced during user authentication. This is done by the Azure Active Directory Conditional Access capability. Dynamics 365 sets a session timeout limit to balance protecting user data and the number of times users are prompted for their sign-in credentials. Trusted IP restriction for devices including laptops is not applied until the Dynamics 365 online session timeout expires.

    If you are facing a problem with your router IP or any other router problem get help from this www.belkinroutersupportnumber.com/

  • Anonymous commented  ·   ·  Flag as inappropriate

    Such restrictions should also include GIT SSH , i.e. Shouldn't be able to bypass the IP whitelist by using GIT SSH.

  • Laurent Lesle commented  ·   ·  Flag as inappropriate

    I have similar issue where customers don't want their developers to download the source code on untrusted devices or have access to the source code when they have left the company. We need a way to protect the source code for leaks. In other words when a developer leave the company he should not be able to access the source code on his local machine. The solution proposed by Paul Mooij addresses the access to VSTS/Git but does not prevent a developer to access a copy of the source code after he has left the company.

  • Paul Mooij commented  ·   ·  Flag as inappropriate

    there is a workaround to achieve this from Azure AD:
    1 configure your company IP as trusted IP in Azure AD.
    2 restrict access to Azure AD application 'Visual Studio Online' by setting location based access rules to block access when not at work

  • Andy Poots commented  ·   ·  Flag as inappropriate

    Hi - I am facing the exact same issue and I think this would be a very good idea. Did you ever get a response on this???

Feedback and Knowledge Base