We run it in our VPN with SSO for authentication. You'd need a company device, user credentials and a location that's whitelisted to access.
For smaller companies something like Cloudflare Teams and/or Tailscale would probably also add a good layer of extra security. I guess it's important to have some device whitelisting in addition to credentails, so that stolen credentials alone are not enough to access code or chat.
For smaller companies something like Cloudflare Teams and/or Tailscale would probably also add a good layer of extra security. I guess it's important to have some device whitelisting in addition to credentails, so that stolen credentials alone are not enough to access code or chat.