I did read this announcement: https://community.atlassian.com/t5/Jira-articles/Announcement-Control-access-to-your-issues-on-next-gen-using/ba-p/1430115

But I don't seem to have the lock option available nor the jira field to restrict permissions in our Jira. We are running Server 4.2.2

Hi Dario,

the announcement is for Jira Cloud (and there specifically Next-Gen projects).
The feature does not apply to Jira Server.

Two options that you have on Server:

• Configure issue-level security
  https://confluence.atlassian.com/adminjiraserver/configuring-issue-level-security-938847117.html
• Permission Schemes
  https://confluence.atlassian.com/adminjiraserver073/managing-project-permissions-861253293.html#Managingprojectpermissions-permission_schemes

Here, in a brief, the differences:

Issue security levels are created within issue security schemes and let you control which user or group of users can view an issue. When an issue security scheme is associated with a project, its security levels can be applied to issues in that project. Sub-tasks will also inherit the security level of their parent issue.

A permission scheme is a set of user/group/role assignments for the project permissions listed above. Every project has a permission scheme. One permission scheme can be associated with multiple projects.

A note at the end: even if you restrict Jira-Admins from seeing sensitive stuff ("prevent them from seeing everything") it comes by the nature of this role that they still could grant themselves access to all information. There is nothing you could do about it - but for most cases doing something like this is logged so you can still talk to the administrators.

Cheers,
Daniel

Hi Dario

I don't think you can do this at the project admin level.

One way that you can achieve this is by applying an Issue Security Scheme to the project to set different security levels for individual issues. These security levels can be mapped to project roles, groups or users so you can determine who can modify the issue security and which users can access them. I would suggest reaching out to your Jira admin(s) and see if they can set this up for your project specifically - this type of setting doesn't need to applied to your whole instance.

In my org we have some projects that have restricted & unrestricted security levels and users set the security level ad-hoc whereas for other teams we automate this based on criteria set (e.g. field value or label) when the issue is created and set the security level automatically. This automation is done via the use of a Jira addon as its not out of the box functionality.