Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions
Community
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Assessing cybersecurity risk on the use of Jira and Confluence mobile app

Kelvin Chua
Kelvin Chua
Contributor
March 24, 2026

Hi Everyone,

We are trying to explore and assess the security posture for the Jira and Confluence mobile apps. While the apps boost productivity, they introduce risks like data leakage on unmanaged devices.

I’m curious how others are balancing accessibility with compliance.

Specifically:

Mobile App Policies: Are you using Atlassian Guard to enforce biometrics (FaceID/Passcode) and disable screenshots or data exports (e.g., "Open In" restrictions)?

Mobile Browser possible? vs. App: Have you implemented the policy to block mobile browser access to force users into the more secure, managed app environment?

MDM vs. MAM: Do you rely on Atlassian’s native MAM controls, or do you wrap the apps in a third-party solution like Intune?

Regarding past incidents, while Atlassian hasn't had a major "mobile-specific" breach, the risk remains account takeover and unauthorized data downloads.

How are you handling BYOD for these apps?

Also want to understand if Atlassian is actively adding new features and enhance security to the app? 

I'd love to hear your "lessons learned" .

Comment
Watch
Like Josh likes this
121 views

1 comment

Comment

Log in or Sign up to comment
david_morse
david_morse
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
March 24, 2026

I have spoken to both Microsoft Intune team and Atlassian reps about the security of the mobile apps and the ability to manage them via Intune.  Including such features and protecting the data by storing it in the companies container and allowing auth to use a specific managed browser vs the native browser.

Microsoft informed me that it's up to the application developer to leverage / expose the APIs so that intune can manage the application.

I asked Atlassian if there was plans to perform that hardening so that they could be used with the Atlassian Government Cloud deployments of Jira and Confluence and I was told that the mobile apps would not be supported in that instance.

That was the end of my exploration. 

Like # people like this
Kelvin Chua
Kelvin Chua
Contributor
March 24, 2026

Thanks @david_morse for your sharing. Are there any mobile security or product folks from Atlassian who can weigh in on this? I am also curious whether there are active developments on the mobile on the apps, especially in the area of mobile security and policies. I really want to understand the intended use cases for Jira and Confluence on a small mobile screen.

Like
Reply
groups-icon
Trust & Security
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2026 Atlassian
    Privacy Policy Notice at Collection Terms Security