Cloud Migration Assistants are transitioning to improved hashing standards

Hello Atlassian Community,

In order to enhance the security and reliability of your data migrations, we are implementing updates to the Jira Cloud Migration Assistant (JCMA) and Confluence Cloud Migration Assistant (CCMA).

What's changing?

Starting with our July 2024 releases, we will shift from SHA1 and MD5 hashing algorithms to the more secure SHA256. This adjustment aligns with our goal of achieving FedRAMP Moderate authorization and complying with international security standards.

To ensure a seamless transition and upgrade process, we will still support the following Cloud Migration Assistants (CMAs) using SHA1 and MD5:

  • JCMA: Versions 1.11.12 and below
  • CCMA: Versions 3.10.0 and below

warning Support for these versions will be available until February 1, 2025. From this date onward, all migrations must be carried out using our latest CMA versions, which offer enhanced security and reliability.

Key dates:

  • Now to January 31, 2025:

    • Upgrade your CMAs to the latest CMA versions supported by SHA256:

      • :check_mark: JCMA 1.11.13 and above

      • :check_mark: CCMA 3.10.1 and above

  • February 1, 2025 and onward:

    • We’ll stop supporting the following CMA versions:

      • :x: JCMA 1.11.12 and below

      • :x: CCMA 3.9.17 and below

Attempts to run your migration with these outdated versions will result in migration failure.

Benefits of the latest upgrade:

:heavy_plus_sign: Enhanced security: Strengthens data protection during migration, safeguarding against potential vulnerabilities and breaches.

:heavy_plus_sign: Compliance: Aligns with the latest global security standards, including FedRAMP, so your migration process remains compliant.

:heavy_plus_sign: Improved performance: Enhances speed and performance to ensure a smoother and more reliable migration experience.

How to upgrade your Cloud Migration Assistants:

Starting a new migration?

Upgrading from an older version?

  1. Check your current version:

    • Go to Administration > Manage apps.

    • Search for Jira Cloud Migration Assistant and Confluence Cloud Migration Assistant.

    • Verify the app version and update it to the latest version.

  2. Pre-migration check prompt:

    • Upgrade to the latest version when prompted during pre-migration checks.

Completed a test migration with an older version?

  • Retest with the latest version: It’s recommended to retest your migration with the updated version to ensure compatibility and enhanced security.

 

If you have any questions or need assistance in upgrading to the latest versions of JCMA or CCMA, contact us.

Thank you for joining us on this journey to a more secure cloud migration!

 

Warm regards,

The Atlassian Migration Team

4 comments

Comment

Log in or Sign up to comment
Taiwo Ojo - Alluvium
Contributor
August 8, 2024

Thanks for the update @Casey Chatman 

Like Casey Chatman likes this
Hans Polder
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
August 8, 2024

@Casey Chatman ,

Thanks for the clear article! Did you really intend to write version ':x: JCMA 2.22.22 and below' as not supported? I feel like you intended to write 1.11.12 or 1.11.11 ;)

 

Tim Eddelbüttel
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
August 8, 2024

Is the terminology of encryption really appropriate when you talk about MD5, SHA1 and SHA256? 

It's not encryption, it's hashing of a string or binary with the intent is to prove its authenticity by validating a string or binary against the hash.

Casey Chatman
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
August 9, 2024

Hi @Tim Eddelbüttel

Thank you for your insightful comment! You're absolutely right, and we appreciate your attention to detail.

The terms "MD5", "SHA1", and "SHA256" indeed refer to hashing algorithms, rather than encryption standards. Hashing is used to ensure data integrity and authenticity, whereas encryption focuses on data confidentiality.

We value your input, as it helps us maintain accuracy and clarity in our communications. Thanks for helping us keep the Atlassian Community informed and knowledgeable!

Best,

Casey

TAGS
AUG Leaders

Atlassian Community Events