I'd love to know your thoughts on which of the following security and trust signals you would personally look for when deciding to install a Marketplace App?
1 - Cloud Fortified Status
2 - Positive User Reviews
3 - Atlassian Marketplace Level (Silver, Gold Platinum)
4 - Other trust indicators (please comment)
Here are my rigorous criteria to follow when acquiring an app. I made those after using different apps for the first 4-6 years and I have been using Atlassian products (admin) and apps for 14 years now, Keep in mind that depending on the rarety of a functionnalities found in an app, we may not follow those criteria.
Supplier:
If the supplier meets these criteria, contact them to obtain a short- and medium-term roadmap (1-3 years).
Apps:
After that it goes through the homologation process, it is really severe so it may not pass muster.
Carmen
Hi @Carmen Nadeau ! Just curious - could you share any examples of a partner with adequate documentation? What's your criteria for high quality docs? Thanks!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Scriptrunner, Refined and Deviniti have good documentation.
It is important to have a good doc for the admin AND the user
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
@Carmen Nadeau lots of good points.
I would add cost.
An app with the most installs can have a higher price, but is it value for money? Test at least two, often lots of options in the marketplace, you would be surprised the difference. A new app can have a younger code base which can actually make it better. Use the pricing calculator to see the price before you install.
How many installs is enough for you to have confidence in an app?
That's a tricky one, I get why @Carmen Nadeau says 500, but that number is misleading for cloud. It could be 400 server installs, while as a cloud user you can more about the 100 for cloud. Many of the sever installs could be for many years ago when competitors didn't exist.
Atlassian says at some point the will separate data center versus cloud installs, and at the same time I believe delete the server numbers. An app that is cloud only illogically looks weaker than one with also a server version, especially one that has been in existence for a long time.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Of course cost is important, but for us the fonctionnalities will be the important factor between the 2 apps, because they are NEVER identicals.
As for the number of installs vs an older app, for us, being an older app means that the supplier believe in the app and it is a more mature app, with less bugs and probably more fonctionnalities.
When the cie you work for is a financial cie, those criteria are important (we are very much risks averse).
Of course every business has their own criteria, those are ours. If yours are less restrictive, more power to you !
Carmen
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Wow @Carmen Nadeau that is an awesome list and I really appreciate it. As an app developer, it helps us a lot as we can use it as a bench more for what we prioritize off in terms of the things that we can be working on.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi @Stu Lees ️ REVYZ, it's great to see such an interesting question.
Like you mentioned, the first thing I will look for is the Cloud fortified status of a specific app. This proves that I can rely on the vendor who made the app to keep my data secured. And besides, it also relates to other trust indicators like SOC 2 or Penetration Test results. I personally believe these indicators can greatly affect my decision when installing an app.
Although User reviews plays a big role, I will pay more attention to the most recent reviews rather than the overall positive ones 😉
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks @Lucas_DevSamurai_ , this is awesome. I really appreciate your input
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
@Stu Lees ️ REVYZ built in Forge and supports data residency.
Forge is the new cloud app development platform by Atlassian. We build all our apps in Forge. All data remains within your Confluence instance. By default Forge supports data residency.
"Secure by design
With Forge, you’re in control of how and when data leaves Atlassian cloud. As a FaaS platform Forge takes care of authentication, identity, scaling, and tenancy.
Forge apps run inside a second security layer that enforces tenancy isolation and data egress restriction by design. See our shared responsibility model, for what’s shared between you and Atlassian when building a Forge app."
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
@Carmen Nadeau "If yours [requirements] are less restrictive".
I'm not saying that at all. I'm saying that if you are a cloud user and you are comparing a cloud only app versus one with cloud, server and data center versions then the install numbers can be unequal comparisons.
I don't think a lot of users know that installs are totals, it is like having an iPhone app and the Mac app version for the same app being the same install number, this is not done. I support Atlassian's commitment to changing the number to separate cloud and data center installs. They didn't give a timeline.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks @Stavros_Rougas_EasyApps much appreciated
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Not an answer, just a BIG THANKS to @Stu Lees ️ REVYZ for posting this 'poll' and all the responders! Your contributions are so valuable.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.