 Hello, I'm Ty Davis. You may remember me from the film DevOps, Handle with Care, and Revenge of the Waterfall. Organizations looking to control development assets should take into consideration the benefits that Git has to offer. Git allows a wide variety of branching strategies and workflows. Because of this, many organizations end up with workflows that are too complicated, not clearly defined or not integrated with issue tracking systems. Since many organizations new to Git have no conventions for how to work with it, the repositories can quickly become messy. The biggest problem is that many long running branches and merges that all contain part of the changes. People have a hard time figuring out which branch has the latest code or which branch to deploy to production. There are many valuable approaches you can take, such as making a production branch that reflects the deployed code, you can deploy a new version by merging master into the production branch or creating stable branches using master as a starting point and branches as possible. It should be common to protect the long live branches, for example, the master branch so that most developers can't modify them. So if you want to merge into a protected branch, assign your merge request to someone with maintainer permissions. Permissions in GitLab are fundamentally defined around the idea of having read or write permission to the repository and branches. To impose further restrictions on certain branches, they can be protected by preventing pushes from everybody except users with maintainer permission, preventing anyone from force pushing to the branch, preventing anyone from deleting the branch. So therefore like that, that helps you make any branch a protected branch is strongly encouraged to get code reviewed by reviewer as soon as there's any code to review, to get a second opinion on the chosen solution and implementation, and an extra pair of eyes looking for bugs, security issues, or are there any other problems. The reviewer can be from a different team, but often it's someone who knows the domain really well. Before assigning a merge request to maintainer for approval and merge, you should be confident that it actually solves the problem it was meant to solve. And it does that in the most appropriate way, satisfying all the requirements. So there are no remaining bugs or vulnerabilities, or any underlying issues. Code ownership reduces the risk that the absence or unavailability of any one developer will start or slow work. This increases the chance that the overall design results from sound technical decisions, rather than from some kind of social structure. Retaining the privacy and integrity of your data is crucial. And you can use a GPG key to sign commits made into a repository, enabling dependable data protection that makes it easier for creating digital signatures and file encryption. With GPG, you have a system for encryption of data that afterwards can be transmitted through open communication channels such as email cloud providers, messaging, and many others that are used daily. Protecting and securing product assets is important for every organization. Let's talk about the importance of having the right practices in place to control changes to development assets. Be sure to check out our next video and to continue our conversation around source code management. Go on get