I suggest you ...

ip restrict access to visual studio online

Our company houses our source code in Visual Studio Online. Currently a developer with an account can log in from home and download our entire code base which is basically our intellectual property - not good if they are about to resign and go to a competitor.
My suggestion is to allow IP restrictions on downloading code/workspaces. The rest of the site should be accessible from any IP, but users would be forced to VPN into the office to access the source code.

130 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Simon D'Morias shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    10 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      Submitting...
      • maria john commented  ·   ·  Flag as inappropriate

        IP restriction is only enforced during user authentication. This is done by the Azure Active Directory Conditional Access capability. Dynamics 365 sets a session timeout limit to balance protecting user data and the number of times users are prompted for their sign-in credentials. Trusted IP restriction for devices including laptops is not applied until the Dynamics 365 online session timeout expires.

        If you are facing a problem with your router IP or any other router problem get help from this www.belkinroutersupportnumber.com/

      • Anonymous commented  ·   ·  Flag as inappropriate

        Such restrictions should also include GIT SSH , i.e. Shouldn't be able to bypass the IP whitelist by using GIT SSH.

      • Laurent Lesle commented  ·   ·  Flag as inappropriate

        I have similar issue where customers don't want their developers to download the source code on untrusted devices or have access to the source code when they have left the company. We need a way to protect the source code for leaks. In other words when a developer leave the company he should not be able to access the source code on his local machine. The solution proposed by Paul Mooij addresses the access to VSTS/Git but does not prevent a developer to access a copy of the source code after he has left the company.

      • Paul Mooij commented  ·   ·  Flag as inappropriate

        there is a workaround to achieve this from Azure AD:
        1 configure your company IP as trusted IP in Azure AD.
        2 restrict access to Azure AD application 'Visual Studio Online' by setting location based access rules to block access when not at work

      • Andy Poots commented  ·   ·  Flag as inappropriate

        Hi - I am facing the exact same issue and I think this would be a very good idea. Did you ever get a response on this???

      Feedback and Knowledge Base