Best way to Secure Your Atlassian Data Center (DC)

We use a variety of applications in our daily lives, and we all understand how important it is in the present era to have security and prevent our data from being exposed to hackers. In this article, we will go over the fundamentals of how to secure your apps with the help of SSO and 2FA and how they should be used with Atlassian applications. Let’s start understanding it step by step!

 

Single Sign-On (SSO)

SSO is an authentication process that allows a user to login into a variety of application using a single set of credentials i.e username and password, for example, if you are using different Atlassian applications such as Jira, Confluence, etc then for each application instead of using a different set of login credentials you can only use a single set of login credentials to gain access to these applications. 

single-sign-on-sso.jpg

 

Two-Factor Authentication (2FA) 

Two-Factor Authentication or 2FA is a security process in which two sets of information are required for authentication i.e something you know along with something you have. For example, you know your login credentials such as username and password along with an OTP or a Security token which you have.

 

How 2FA solve username and password problems?

Atlassian products such as Jira, Confluence are used by all of us, each for a different purpose. Protecting these applications with just a username and password is not enough, therefore adding an extra layer of authentication such as 2FA makes our application much more secure and generates single-use code that is either shown in their security token or sent as a text message to a mobile phone. 

2FA.jpg

 

How SSO and 2FA work together?

Authentication methods such as SSO makes login easier for us. But many times it is seen that people use only a single set of credentials for multiple applications and also save those credentials online. Human flaws such as these can cause severe data loss. To overcome such flaws, 2FA can be implemented along with SSO which will add an extra layer of security for data protection.

2FA+SSO.png

 

There are few ways through which 2FA and SSO can be implemented together: 

  1. When your Identity Provider(IdP) or Identity Access Management(IAM) supports 2FA.
  2. When you use some add-on present in the Atlassian marketplace and when Identity Provider(IdP) IDP does not support 2FA.

 

Identity Providers (IdPs) that support 2FA - 

If you are currently using a commercial Identity Service, you will be offered several choices for Two Factor Authentication/Multi-Factor Authentication. There are a lot of ways through which one can go passwordless these days. 

These are names of a few IdP that provide 2FA along with SSO: 

  • miniOrange  
  • Okta
  • One Login
  • Azure AD
  • AuthO
  • Google Cloud Identity

 

Dedicated 2FA apps for Atlassian Products - 

There are several add-ons available on the Atlassian marketplace which provide dedicated 2FA plugins for Atlassian Products such as Jira, Confluence, etc one among them which is highly rated and recommended by customers is Two Factor Authentication(2FA) by miniOrange.

 

Why miniOrange 2FA?

miniOrange Two-Factor Authentication (2FA) application ensures the right set of eyes have access to your sensitive information sitting on-premise. Among all the plugins present in Atlassian Marketplace which provide 2FA, Two Factor Authentication(2FA) by miniOrange provides a wide range of authentication as well as customizable features, one of which is customizable 2FA on top of SSO.

 

Benefits and a few of our top features are mentioned below - 

  1. Multi-Language Support through Customizable Templates - Users can customize a variety of templates depending upon their needs and requirements.
  2. Easy Registration - Notify users to secure their Atlassian account by prompting 2FA configuration setup during user enrollment.
  3. Customizable 2FA on top of SSO - Users can now decide if they want 2FA authentication on top of SSO or if they want to skip it with our customizable feature.
  4. Protection against Brute Force Attack.
  5. Compatibility - miniOrange 2FA add-on is compatible with Jira, Confluence, Bitbucket and Bamboo Server, and Data Center versions. 2FA for Crowd will be released soon.
  6. User-Friendly - miniOrange 2FA plugins are easily deployable and can be configured easily. We also provide end-to-end configuration support for a new user. 
  7. 24/7 high-quality support - We provide 24/7 high-quality support through call as well as through emails.

 

For a detailed study of SSO and 2FA implementation with Atlassian Application refer to this link and in case of any queries, please feel free to drop us a mail at info@xecurify.com

1 comment

Comment

Log in or Sign up to comment
M Amine
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
June 9, 2021

Amazing article

Like # people like this
TAGS
AUG Leaders

Atlassian Community Events