Data Loss Prevention - Insider Threat

Hi, Does anyone know if there is anyway to remove this issue in GitLab?

Is there anyway to block access to general repos while still allowing access to your company’s owned one? Issue is that if upload / download is available for gitlab.com then someone could create their own repo and upload internal docs etc.

Thanks in advance,
Paul

:hugs: Please review whether this category fits your question about GitLab topics. If not, please change the category dropdown to switch the guided template automatically.

For support questions about GitLab product usage and features, please check these categories instead:

  1. How to Use GitLab
  2. GitLab CI/CD
  3. GitLab Duo (AI)
  4. DevSecOps
  5. Infrastructure as Code & Cloud Native
  6. Observability

Maybe your question was answered already, or you are hitting a bug?

First of all this isn’t a Gitlab problem. If you have URL filtering on your firewalls, in theory you could create policies that allow certain gitlab.com urls and then reject attempts to use other repositories than your own.

Failing that, you should be looking to install a Data Loss Prevention solution at your site, which has agents installed on all your computers, and this agent has policies synchronised from the DLP server. These policies say what you can/cannot do by tagging files, etc, and either allowing or blocking being copied to USB, sent via email, etc, etc.

Hi iwalker,
Thanks for the info, looking into that now.