Security Procedures in BitBucket

We currently use Confluence in our organisation for storage of wiki and comments in our IT group.

We are assessing using BitBucket for source control in preparation for potentially moving to JIRA for our backlog management.

We have some security questions which focus on your employment checks for employees that have access to the data held in BitBucket. this is particularly important for us as we are dealing with source code.

Could you tell us:
1. What employment checks you complete on employees and sub contractors with access to the data?
2. What are restrictions of data being copied off the system?
3. Are there any scenarios where you expect to see or have seen data copied off bit bucket?
4. What are consequences for employees who tamper, leak or maliciously impair systems?

I apologize for these questions but until we can get these answered there will be no way we could use Bit Bucket in the cloud (i know we could use on premise but I do not want to hassle of provisioning and maintaining hardware.

I could not find any documentation in your security area that would help me answer these so i thought I would approach directly.

1 answer

0 vote

Hi Elliot, 

You can find all information we publicly share around our security policies under https://www.atlassian.com/security.

The most relevant for your case is likely our cloud security policy https://www.atlassian.com/cloud/security. Under the people and access section it states: 

Within Atlassian, only authorized Atlassian employees have access to application data.

It doesn't provide a detailed outline of our employee process, but rest assured that we take security very serious. 

 

Suggest an answer

Log in or Sign up to answer
Atlassian Community Anniversary

Happy Anniversary, Atlassian Community!

This community is celebrating its one-year anniversary and Atlassian co-founder Mike Cannon-Brookes has all the feels.

Read more
Community showcase
Piotr Plewa
Published Dec 27, 2017 in Bitbucket

Recipe: Deploying AWS Lambda functions with Bitbucket Pipelines

Bitbucket Pipelines helps me manage and automate a number of serverless deployments to AWS Lambda and this is how I do it. I'm building Node.js Lambda functions using node-lambda&nbsp...

1,944 views 1 5
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you