- Technology

GitHub vs. backup – what you should know about source code protection

Nowadays, most Git users host their repositories within such services like GitHub or Bitbucket. It’s a more practical, convenient, and…safe way. Why? Let’s use GitHub as an example. It provides us not only with hosting services but also authorization and integration with many services. Thanks to some of them, we don’t even have to keep our projects on local machines or prepare a dedicated IT infrastructure – everything is available in the so-called external repository.

Is GitHub a safe place for my data?


Let’s find out what GitHub offers us and whether the data stored there is secured. First of all, to start using this service, we must sign up and create an account. For the security measures It is crucial to use a strong password and change it on a regular basis.

The good security practice is to create and set a special authorization token associated with our account. Then, only accounts with the appropriate token will be able to access the protected repository.

The third idea is to use an SSH connection – encrypted and in theory making it impossible to intercept communication. Additionally, it is recommended to use 2FA (two-factor authentication), for example by verifying a login attempt with another device (phone app), or code from SMS.

GitHub vs. backup – brief comparison

Generally, we can treat GitHub as a safe place for our data. But we cannot equate it with backup – the difference is huge. Git is only a tool and GitHub a place where we host it in a safe way but backup is something different. In short definition backup is a copy (compressed and encrypted) of data stored on the safe storage (cloud, local, both) so that it may be used to restore the original data after any event of failure or data loss. A reliable backup software should provide you with automation, central management, encryption, compression, versioning, long-term retention and instant recovery technologies.

GitHub as a backup?  

No. End of the story. It is a great tool but with a totally different purpose. It does not have the above-mentioned features and in spite of all its benefits, calling GitHub a backup is basically wrong. To keep proper copies of your repositories it is worth using third-party backup software. Even GitHub itself recommends having such a software in its official documentation. So why not combine those tools and enjoy the benefits of each? GitHus as a hosting and authorization tool and third-party backup as a data protection guarantee. Let’s use GitProtect.io GitHub backup as an example. It has not only all the above-mentioned features but also a transparent UI, advanced monitoring (audit logs, stats, email and Slack notifications), anytime-anywhere access (web console), and plenty of recovery options – point-in-time, granular and crossover recovery that actually let you restore your repositories to another organization or even to other hosting services (i.e. from GitHub to Bitbucket and conversely) – so migration is easy now. Once, you know Git and GitHub is not a backup itself, you know the source code protection rests in your hands.