Source Code Security Strategies

I have a general question about enterprise source control security strategies.

We seem to have the following considerations:

1. On-Premise (in a datacenter owned by the company) versus a third party provider (like AWS, GitHub, etc.)

2. Platform (e.g., On-Premise GitHub, On-Premise GitLab, AWS CodeCommit, Azure DevOps Git, etc.)

3. Repo Specific Incident Impact (e.g., maybe it’s not a huge deal if some utility scripts get leaked, but if the application code of the companies most valuable product gets leaked, …

aws azure code code security control cybersecurity datacenter devops enterprise etc general git github gitlab impact incident party platform premise question repo security security strategies source code strategies the company third third party provider