You're on your way to the next level! Join the Kudos program to earn points and save your progress.
Level 1: Seed
25 / 150 points
1 badge earned
Challenges come and go, but your rewards stay with you. Do more to earn more!
What goes around comes around! Share the love by gifting kudos to your peers.
Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!
Join now to unlock these features and more
The Atlassian Community can help you and your team get more value out of Atlassian products and practices.
In coming weeks, admins will gain the flexibility to override IP allowlists
for the Atlassian Cloud Mobile Apps. This is applicable to both managed and
external users, and is offered to Atlassian Access Subscribers.
Get ready to soon override your IP allowlists for the Atlassian Cloud Mobile Apps
In an effort to secure content, many admins and organisations choose to specify the IP addresses that users must access content from, which can lead to highly restrictive working environments. IP allowlist controls who gets in and this is extended to both web and mobile platforms. For full details on the IP allowlists setting: https://support.atlassian.com/security-and-access-policies/docs/specify-ip-addresses-for-product-access/
However, in the coming weeks, you will receive greater control and flexibility over the IP allowlists setting. You will soon be able to override the previously specified IP allowlists for the Atlassian Cloud Mobile Apps; yet continue to maintain security as we run a series of checks to verify the authenticity of the mobile app to ensure it was downloaded from a genuine app store and is not modified.
This setting will be configurable via the Mobile App Management (MAM) Policy. Read more about Mobile Policy https://support.atlassian.com/security-and-access-policies/docs/mobile-app-management-mam-for-atlassian-mobile-apps/ and https://support.atlassian.com/security-and-access-policies/docs/mobile-policy-mam-security-controls-and-supported-apps/
When you use the “Override IP allowlists” setting you can apply security controls on Atlassian mobile apps Jira and Confluence without restricting users to specific IP addresses. This means that mobile app users can access the products even if they are not on the company VPN or within the allowed IP range. This setting can be applied to both managed and external users.
Even though you’re overriding IP allowlists, you can have the confidence that the mobile app is secure. This is because the mobile app runs a series of checks including App Attestation, through which the authenticity of the App itself is verified, ensuring that it was downloaded from a genuine app. Hence providing a high level of assurance that the app is running on a genuine device and has not been modified or tampered with. It is recommended to also enable “Block compromised devices” in conjunction for added security.
Go to admin.atlassian.com . Select your organisation if you have more than one.
Select Security → Mobile Apps
Edit Mobile Policy or Setup a new policy if you have not done so previously)
Select the checkbox “Override any IP allowlists to allow access from Jira and Confluence mobile apps” and Update Policy
Select Security → IP allowlists and see the updated policy
The image above showcases, that once the Override IP allowlist setting is enabled, Mobile apps are exempt from the previously configured IP allowlist policy. This setting is not configurable from the IP allowlist screen. Follow the steps provided above to configure this setting.
Override IP allowlists will be generally available over the coming weeks as it rolls out.
We welcome any feedback about this particular setting, and your suggestions for any other Mobile Security related functionality you would like to see.
Please feel free to use the comments below, however be mindful to never share any personal identifiable information as this is a public forum.