I am trying to find out if Bitbucket Cloud is registered as an authorized user under DDTC and if the encryption of data stored in Bitbucket Cloud meets FIPS 140-2 encryption requirements.
Hi @Sean Wuttke
Bitbucket Cloud is certified with industry standards such as SOC II, SOC III, PCI DSS, ISO/IEC 27001, ISO/IEC 27018, and GDPR. A list of compliance documents may be found below:
Hope this helps.
Cheers!
- Ben (Bitbucket Cloud Support)
Thanks Ben, I take it than that the answer is as followed. Bitbucket is not registered as an authorized user with Directorate of Defense Trade Controls (DDTC) and doesn't abide by the FIPS 140-2 encryption requirements. As neither of these seem to be located in the link that you attached.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi @Sean Wuttke
Correct, sorry I should have been more clear.
Upon further digging, I've found that FIPS 140-2 is a requirement for FedRAMP Moderate.
As for DDTC - Atlassian products do comply with United States export controls and economic sanctions regulations and laws regulating international transactions, more information regarding export controls can be found below:
Please let me know if further information is required.
Cheers!
- Ben (Bitbucket Cloud Support)
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.