For a startup, the product is the most important asset, but it seems that in many/most startups (I know), the complete code base is shared among every member of the team. Even complete database access is shared, too.
I know that accessing the complete code base may make the process easier and faster, but it's very dangerous and unprofessional because, in a startup, employees come and go so often. And you are the one who fire them.
I assume that most startup doesn't want to get involved in any kinds of lawsuits, which take unnecessary time and money. Thus, protection beforehand is much better.
How could you deal with this situation? What's your method of protecting your code base?
The main differences between development at a startup and at any other enterprise are that at a startup, you are more likely to have fewer developers, rapid releases, scattered code and deployments, and overall, more chaos.
However, in a modern software company -- startup or otherwise -- it is unrealistic to expect that your employees won't have access to your codebase. Even if you attempt to partition the code based on access rights to repositories, your developers are likely to intermix and re-deploy your code as it suits their productivity.
There are some basic best practices you should follow, some of which it sounds like you already are:
Although there are best practices for some of these, the law around software is constantly evolving, and many gray areas do exist. There is no substitute for real legal counsel on these matters, and if you are serious about protecting proprietary software inventions, you need to have somebody audit everything and make sure you are on track.
These issues are ones that every software company faces, regardless of size. My final advice is, don't get bogged down worrying about all of these details, but do spend as much time as you feel is necessary given your investment in the software. If, as you say, the entire value of your company is in the software product, then you stand to lose a lot if somebody attacks the code. Were it me in that situation, I would immediately seek legal counsel and look for next steps in securing your investment in your product.
Does your code need to be protected - is it the "secret sauce" of your product? Unless your code is your competitive advantage, I wouldn't worry about others walking away with some knowledge of it, unless you deal with ecommerce and customer data, especially personally identifiable information (PII is email, name, dob, etc).
Basics: All programmers should have their own accounts for your code repo, no sharing. If you have sensitive data, have separate accounts to manage that data with only your most senior developers using those accounts. Have people running DB reports use read-only accounts, ideally with limited access to tables they run reports on.
Everyone so far has given great advice, but protecting the code isn't as important as protecting the client list is. if I had Microsoft's Windows 8 code, it really wouldn't mean much as I don't have the resources to monetize it.
Source code isnt the product unless you are literally selling source code. Everything is the product, from the app to the customer support, the public face, the problem that it solves for the customer, etc, etc, etc.
ex: having Stack Exchange's source code means nothing because you don't have Stack Exchange's customers. That isn't to say this isn't necessarily a bad problem to solve, just that there are more pressing and urgent matters.
Webbie has good practical advice. I'd add "Keep journals of access to the code." That way, if a version of it shows up in the wild, you may be able to track it back to when it was pulled from the repository. Some repositories will also add a watermark. Also: