A governed adoption of Git can help speed up software development, while ensuring the security of source code.
In the first of a two-part blog series we assess the status of Git in the enterprise and discuss major challenges to its adoption.
Git is the world’s leading distributed source code management (SCM) system. In a recent CollabNet survey, 87% of the 838 respondents polled indicated that their enterprises either already use or have plans to deploy Git.
With its flexibility, speed, and powerful branching and merging capabilities, Git represents an opportunity for global enterprises to drive productivity and accelerate application development. For instance, Google has embraced Gerrit (Google’s version of Git) to create Android, the most widely adopted smartphone operating system in the world. Google now hosts all of its example code for mobile applications in Git repositories. Adoption by Google has helped Git/Gerrit also become the preferred code management solution for Android developers worldwide.
Some enterprises and government agencies, however, have been hesitant to adopt Git as a corporate version control standard because of security, governance, and compliance risks inherent in its distributed nature. A key concern pertaining to open-source Git is being unable to locate and protect valuable source code stored on developers’ machines scattered around the world. Additionally, the lack of enterprise-grade access controls deprives companies of the visibility into how code is manipulated and distributed, making it difficult to safeguard the code and prove compliance with export control regulations, for example.
Further, Git facilitates decentralization and deregulation that can be disruptive to traditional IT, business, and engineering policies and procedures, requiring a major process and organizational realignment. Finally, many organizations are cautious about Git as they have large installations of centralized SCM systems like ApacheTM Subversion® to maintain for the foreseeable future. Consequently, adding Git would require them to manage two different version control systems simultaneously – not only at the enterprise, but also at the project level.
While IT and development leadership contemplates on the pros and cons of Git, individual teams often work around the corporate mandates and move forward with Git in any case. As a result, an uncontrollable Git sprawl ensues. In response, many companies employ a “fight-or-flight” tactic. They either prohibit the usage of Git at the corporate policy level altogether or accept non-sanctioned Git deployments regardless of the risks they pose.
There is also a third approach – coming up with a strategy that ensures a governed, controlled, and scalable Git adoption. Stay tuned for Part 2.
To learn more about Git Strategies, visit our Enterprise SCM Solutions Page.