Git – large financial/insurance companies use git and/or github

enterprise-architecture, git, github, version control

I work for a large enterprise (30K employees) in the financial/insurance industry. While "IT" isn't our main focus, let's be honest, these are information driven industries and the companies with the better technological advantage seem to get ahead faster.

There are many software development teams at my company. They are all over the map with version control, let alone languages/frameworks used. Some don't use any (I know), some use PVCS, some use VSS, and the most enlightened use SVN.

I want to bring git to my enterprise. More specifically, I want to bring GitHub (private repositories). I know the right people to talk to about this, but let's be honest again, drastic moves like this usually get shot down in the large enterprise setting because of vague security concerns or the fact that none of our competitors are using it (and I can only cite jQuery, Ruby on Rails, Facebook, etc. as references).

So my question is this: what are the most compelling reasons why a large enterprise should slowly and deliberately make the switch from PVCS/VSS/SVN to a hosted git solution like GitHub (private repo)? Of course, part of my plan involves a POC for a non-essential development project.

Best Answer

There are a few things I might be concerned with, as a disinterested third party. So let me toss some questions at you that you'd better be prepared to answer (to your IT department):

  • Any version control is better than none. We have plenty to choose from, what's wrong with those?
  • Distributed version control? What's that? How do we control that?
  • What does it cost? Not just the software, but the servers, licenses, maintenance, etc.
  • I don't trust GitHub, or any outsourced hosting. We need to do everything in-house. Why can't we set up our own server?
  • Can we run it on Windows? We have to keep it on our current baseline, you know.
  • How do we secure the thing? SVN we get, but this scares me.

These are the very first questions that will come up. As to VSS and PVCS you can probably come up with a bunch of reasonably good arguments (like VSS corrupting version history). SVN will be a bit more difficult. I highly recommend focusing on the merge capabilities of Git, and also recommend keeping an open mind about Mercurial. Every argument for Git is also an argument for Mercurial--and Mercurial has more mature Windows support.

Security is of paramount importance to financial and government institutions. They will be extremely resistant to externally hosted resources. From a risk management perspective, consider what could happen if someone hacked GitHub and stole the source code, or discovered the security vulnerability documented in the issue tracker. That would be devastating to the company. From a pure management perspective, if the company is legally required to pay you for every hour you work, how can they monitor whether you are working from home when the resources are outside their VPN network? On another note, how can they prevent you from performing some corporate espionage when all the resources are available from outside the company? These are the IT and management arguments against outsourcing the hosting. A large company has to look at things this way. For a small company, you look at the bottom line and how much it would cost to put all those services in place.

It's actually cheaper for the large company to do it in-house. They already have the IT resources, they just need to shuffle the responsibilities a bit. And if the solution largely takes care of itself with only periodic maintenance needed (backups and user management), all the more reason to keep it inside corporate doors.

As to Windows hosting, that's an organization-by-organization issue. Several companies have swallowed the Windows Kool-Aid. Others have swallowed the Linux Kool-Aid. Others consider it on a case-by-case basis. You'll have to play by the rules the IT department has set for your organization. As long as your solution can be hosted on either, you are golden.

Finally, in such a large organization there are guaranteed to be fiefs all wanting to do things their way. They all have convincing arguments why they chose VSS, PVCS, SVN, or what have you. To IT they are all the same. The only way to consolidate within an organization that large is to have the order come by fiat from above. Such orders are always met with resistance, and it is probably not something your company wants to do unless there are obvious Total Cost of Ownership (TCO) benefits to having a standardized version control system.
