I'm asking about the file storage itself: If somebody steals the harddisks of the Bitbucket servers, will he be able to just read all the data off of the disks or ist the data encrypted and he has to crack the encryption?
Dennis, thank you for your comments. Since Bitbucket is not using whole-disk encryption or any other at-rest encryption for repositories, how do you ensure that data can never be recovered by an unauthorized party from decommissioned disks? A concern here would be disks that are returned to a manufacturer for warranty replacement, for example, or disks that are retired due to a capacity upgrade or non-warrantied fault.
Incidentally, Amazon’s new CodeCommit service makes a feature of encrypting data at rest: ‘our repositories are also automatically encrypted at rest through AWS Key Management Service using customer-specific keys’. It is disappointing that Atlassian doesn’t think this is an important feature. I would argue that at-rest encryption is a near-essential requirement for any repository used to store certificates, private keys, access ids, etc.
I take your point. There is, however, a trade-off between security and convenience. Whole-disk encryption for the repository is a convenient improvement in security. There’s another use case, though, and that’s one that applies to us. That’s where the repository is storing proprietary, company-confidential source code. The entire repository then needs to be treated carefully, with reasonable precautions used to protect it. I may decided to trust Bitbucket, but that doesn’t mean I want to have to trust their hard disk vendors or the refuse collectors handling their decommissioned disks.
Thanks for the comment. I understand, that Atlassian has to prioritize their user's needs. As nearly all the products are aimed at business users, I'm wondering why at-rest data encryption does not seem to be a high priority feature. In our case the at-rest encryption of data is a requirement of one of our customers. So this probably means, that we have to replace Bitbucket with another solution.
As with most cloud code management products, Bitbucket’s hard disks are not encrypted at rest. This is due to performance and infrastructure implications, such as recovery of data in the case of catastrophic failure. However, all passwords are hashed and salted. Repositories are kept on disk, but the details on repository ownership and access are kept on separate disks.
We focus on keeping our networks and machines as secure as possible. This includes limited network access and keeping our machines and software up to date against the latest security vulnerabilities. All private data to clients is encrypted in transit via SSL. We update our customers on the latest security updates via our blog. Here are a few examples from the past:
In addition, the event of our hard disks being stolen from the data center is unlikely. Our data center has IC card and biometric authentication with limited access for approved Bitbucket and data center technicians. It’s also equipped with CCTV monitoring and 24/7 on-site security presence against unauthorized entry.
If you have any additional questions, please email firstname.lastname@example.org
Bitbucket Product Manager
Hello! My name is Mark Askew and I am a Premier Support Engineer for products Bitbucket Server/Data Center, Fisheye & Crucible. Today, I want to bring the discussion that Jennifer, Matt, and ...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs