Is data at rest encrypted for Atlassian cloud services?

I am primarily interested in the Confluence and BitBucket cloud services. 

When data stored by these services is just sitting at rest on Atlassian's drives, is it encrypted or not?

 

4 answers

Can we please get a straight answer to this question?  That URL has no info pertaining to this question.

Most of the others on this site are users, like you. I've never seen any information regarding your question, so I'll hope @Logostech Atlassian Support notices your question.

0 votes
Pedro Cora Atlassian Team Nov 20, 2014

Hi Eric,

I recommend you to take a look at this page: https://www.atlassian.com/hosted/security. It contains the answer to your question. smile

-- Pedro

So, the answer is 'no, it is not encrypted'? I do not see any comment on encryption while the data is at rest. They do mention that backups are encrypted. If the answer is 'no', please update your answer stating this explicitly and I will mark it as the answer.

Agreed- there is no mention of encryption at rest in that document which I already reviewed.  There is the same question from a different user which received the same response.  Can we simply have a straight response of "YES" or "NO" to this question?

@Pedro Cora [Atlassian] - Sounds like some follow-up is expected from you on this.

Dear Atlassian team,

Could you update us all on this question? This can sometimes be a compliance issue and we do need to be clear on this matter whether data is encrypted at rest on not (and with which encryption protocols / methodology) for:

  • Attached documents (uploaded)
  • Pages, tickets...

Clearly understood that all communications use TLS 1.2, but this may not be enough information for us.

Understood we can also protect and encrypt some documents sent also with some plugins available, but for example you could already maybe have an encryption at rest leveraging S3 bucket capabilities (if using AWS)?

do we have a precise information on how to handle data at rest in bitbucket cloud

The answers are posted in their documentation.

https://www.atlassian.com/trust - contains everything

 

Your answer specifically is located at 

https://www.atlassian.com/trust/security/security-practices#faq-5fd9f2cf-d7c7-40fa-af1f-854e2d9f3f48

Content stored within Jira Cloud and Confluence Cloud isn't encrypted. However, attachments on storage in AWS are encrypted. We believe we can rely on the physical controls and management at AWS, as well as transit-level encryption to protect customer data. A minimum of 128-bit Advanced Encryption Standard (AES) is used for attachments.

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Mar 12, 2019 in Confluence

Confluence Admin Certification now $150 for Community Members

More and more people are building their careers with Atlassian, and we want you to be at the front of this wave! Important Dates Start the Certification Prep Course by 2 April 2019 Take your e...

1,165 views 2 13
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you