Organizations need different degrees of security and isolation. As we bring more organizations to Gitlab.com it's important to understand each of their needs. 1. **Open Source**: Everyone is free to contribute. These would be public groups. - Example organizations: Gitlab.org - No huge gaps in functionality today. 1. **Closed Source**: The organization has intellectual property that they want to protect. Depending on the size of the company they would have some or all of our existing security features turned on. These organizations may not necessarily mind if users use Gitlab for work and personal as long as the user is effectively removed from their organization when they leave. In some cases, there is an open source component associated with work so it’s expected that users work across several groups. These organizations may want some visibility into user activity but only to make sure that none of their IP is leaked. - Example organizations: Gitlab, Startups, High Tech developer led companies. - Competitor: Github.com Organizations, Bitbucket Standard/Premium. - To satisfy these customers we need to build more security features like forking restrictions, multiple domain email whitelisting, sso improvements, ux to prevent creating things in the “wrong” place. They may also be managing large user sets to providing ways to automate provisioning (API, SCIM) and management is important. 1. **Isolated**: The organization wants the experience of having a self managed instance without the management cost. Because of compliance they want a clear delineation of work and personal use. They may also want to separate employees personal activity to limit their liability in case of malicious activity. - Example organizations: Regulated industries. - Competitor: Github enterprise, self managed Github instance or self managed Gitlab instance. - To satisfy these customers we need to build features like managed users. We need to have a very clear “bubble” for their organization. They also need ways to monitor all user activity just like they would be able to in a self managed instance.