Lol, our employees who have access to sensitive data cannot be citizens of:
- A country the country our company is based in is currently in war with.
- A communist dictatorship known for pressuring its citizens into stealing IP/corporate secrets abroad.
It's not arbitrary banning from foreign countries on your client's request if there's actually good reasons to take precautions with these nation-states.
And why not? They're a private company they can choose to employ whomever they want as long as they're compliant to local labour laws. There's no "due proccess" in business.
"Finally - it actually looks like Gitlab's security practices are truly lacking. That an employee is Chinese/Russian shouldn't be a consideration - the systems should be tight enough to make sure absolutely no-one has access to customer data without consent - and that any actions taken are logged for auditing. Whenever necessary - pass your employees through a background-check. In sensitive (government) scenarios - restrict to employees with government clearance."
Don't improve HR security practices because you're vulnerable in different ways anyways?
If you as a company simply don't trust the government your employees work under, you cannot trust them with sensitive information, even if they're outstanding trustworthy people.
It's not arbitrary banning from foreign countries on your client's request if there's actually good reasons to take precautions with these nation-states.
And why not? They're a private company they can choose to employ whomever they want as long as they're compliant to local labour laws. There's no "due proccess" in business.
"Finally - it actually looks like Gitlab's security practices are truly lacking. That an employee is Chinese/Russian shouldn't be a consideration - the systems should be tight enough to make sure absolutely no-one has access to customer data without consent - and that any actions taken are logged for auditing. Whenever necessary - pass your employees through a background-check. In sensitive (government) scenarios - restrict to employees with government clearance."
Don't improve HR security practices because you're vulnerable in different ways anyways?
If you as a company simply don't trust the government your employees work under, you cannot trust them with sensitive information, even if they're outstanding trustworthy people.