This content is viewable by Everyone

Which GitHub do I use?

Save

Contents

  1. Introduction
  2. GitHub Platforms at UCSF
    • UCSF GitHub Enterprise Server (GHES)
    • UCSF GitHub Enterprise Cloud (GHEC)
    • GitHub.com (Public)
  3. Data Security and Classification
    • Understanding Sensitive Data
  4. Repository Visibility Guidelines
  5. TL;DR – Which GitHub Should You Use?
  6. Integrations and Automation
  7. Getting Started
    • User Account
    • Organization Account
  8. Additional Resources

Introduction

When people say “GitHub,” they usually mean the public website GitHub.com - where millions of developers share open-source code. But that’s not what we’re talking about here.

UCSF provides several GitHub environments to support your development work. Understanding the differences between these platforms is crucial for maintaining security and compliance while meeting your development needs.

In a hurry? skip to the TL;DR – Which GitHub Should You Use? section below.

  Back to Top

2. GitHub Platforms at UCSF

UCSF GitHub Enterprise Server (GHES) - git.ucsf.edu

  • Hosted internally at UCSF
  • Approved for P3/P4 data storage (with appropriate caution)
  • Access limited to UCSF staff and affiliates
  • “Public” repositories are only visible to UCSF users
  • Requires UCSF network/VPN access

UCSF GitHub Enterprise Cloud (GHEC)

  • Enterprise-licensed cloud service
  • NOT approved for P3/P4 data
  • Ideal for cross-institution collaboration
  • Enhanced features like GitHub Actions
  • ⚠️ Public repositories are visible to everyone on the internet

GitHub.com (Public)

  • Standard public cloud version
  • NOT approved for P3/P4 data
  • Available worldwide
  • ⚠️ Public repositories are visible to everyone on the internet

  Back to Top

3. Data Security and Classification

Understanding Sensitive Data

Before choosing a platform, understand UCSF’s data classification:

  • P3 (Protected): Internal research, unpublished data, employee records
  • P4 (Restricted): PHI, SSNs, HIPAA/FERPA-governed data

While GHES is approved for P3/P4 data, remember:

  • Every clone creates a new copy of sensitive data
  • Access must be strictly controlled
  • Consider alternatives to reduce security risks

  Back to Top

4. Repository Visibility Guidelines

For GHES (git.ucsf.edu)

  • Internal (Recommended Default)
    • Suitable for code benefiting other UCSF teams
    • Visible to all UCSF users
    • Protected within UCSF’s security perimeter
  • Private
    • Required for PHI or P3/P4 data
    • Authentication credentials
    • Unreleased research data
    • Security-critical features
  • Public
    • Similar to Internal for GHES
    • Only visible to authenticated UCSF users
    • Appropriate for UCSF-wide resources

For GHEC and GitHub.com

  • Default to Private repositories
  • Public visibility requires careful review
  • Never store sensitive data regardless of visibility
  • All public repositories are internet-visible

  Back to Top

5. TL;DR – Which GitHub Should You Use?

Use CaseRecommended Platform
Handles PHI or P4 dataGHES (git.ucsf.edu)
Internal UCSF collaboration with sensitive researchGHES
General UCSF development with no P3/P4 dataGHEC

  Back to Top

6. Integrations and Automation

Both environments support powerful integrations and automation features:

  Back to Top

7. Getting Started

Request a new User Account

  1. For GHES: Submit a GitHub Account Request Form (requires MyAccess)
  2. For GHEC: Create account at github.com/join

To Join an Existing Organization

To be added to an existing organization, contact your GitHub organization owner. This is usually someone on your team. Ask your colleagues for help. They should be able to add you to the organization. If you're not sure, send us a note at github@ucsf.edu.

Organization Account (to create a new organization)

  Back to Top

8. Additional Resources

  Back to Top