Keeping your organization secure
Organization owners have several features to help them keep their projects and data secure. If you're the owner of an organization, you should regularly review your organization's audit log, member 2FA status, and application settings to ensure that no unauthorized or malicious activity has occurred.
Viewing whether users in your organization have 2FA enabled→
You can see which organization owners, members, and outside collaborators have enabled two-factor authentication.
Preparing to require two-factor authentication in your organization→
Before requiring two-factor authentication (2FA), you can notify users about the upcoming change and verify who already uses 2FA.
Requiring two-factor authentication in your organization→
Organization owners can require organization members, outside collaborators, and billing managers to enable two-factor authentication for their personal accounts, making it harder for malicious actors to access an organization's repositories and settings.
Managing security and analysis settings for your organization→
You can control features that secure and analyze the code in your organization's projects on GitHub.
Managing secret scanning for your organization→
You can control which repositories in your organization GitHub will scan for secrets.
Managing allowed IP addresses for your organization→
You can restrict access to your organization's assets by configuring a list of IP addresses that are allowed to connect.
Restricting email notifications to an approved domain→
To prevent organization information from leaking into personal accounts, organization owners can restrict email notifications about organization activity to a verified domain.
Reviewing the audit log for your organization→
The audit log allows organization admins to quickly review the actions performed by members of your organization. It includes details such as who performed the action, what the action was, and when it was performed.
Reviewing your organization's installed integrations→
You can review the permission levels for your organization's installed integrations and configure each integration's access to organization repositories.