Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,414,272
Community Members
 
Community Events
170
Community Groups

Is data at rest encrypted for Atlassian cloud services?

I am primarily interested in the Confluence and BitBucket cloud services. 

When data stored by these services is just sitting at rest on Atlassian's drives, is it encrypted or not?

 

6 answers

1 accepted

1 vote
Answer accepted
lauren Atlassian Team Jun 18, 2019

Hi @Eric40@Paul Grover, and @Michael Daoust

I just wanted to provide an update here.

We recently announced that Atlassian now encrypts customer data at rest.

Data drives on servers holding customer data and attachments in Jira Software Cloud, Jira Service Desk Cloud, Jira Core Cloud, Confluence Cloud, Statuspage, OpsGenie, and Trello use full disk, industry-standard AES-256 encryption at rest. To learn more, please see our Security Practices page.

We post updates related to security, privacy, compliance, and more in our Trust & Security groupFeel free to post related questions and feedback there! 

Best,

Lauren

Seth Rising Star Jun 20, 2019

Well, that took a while, but glad to hear it!

Like lauren likes this

Does this mean that BitBucket repositories on a free account are encrypted everywhere Atlassian stores them?

lauren Atlassian Team Sep 19, 2019

@jamesmaniotis No, Bitbucket data is not fully encrypted. 

Here's the line from our documentation: 

Data drives on servers holding customer data and attachments in Jira Software Cloud, Jira Service Desk Cloud, Jira Core Cloud, Confluence Cloud, Statuspage, OpsGenie, and Trello use full disk, industry-standard AES-256 encryption at rest. Customer data on Bitbucket Cloud is not fully encrypted at rest.

By encryption at rest we mean that we encrypt customer data that is stored on a disk such as Jira issue data (details, comments, attachments) or Confluence page data (page content, comments, attachments). Data encryption at rest helps guard against unauthorized access and ensures that data can only be access by authorized roles and services with audited access to the encryption keys.

Hi,

When is Bitbucket data encryption at rest available?

If it is not available today out of the box, is there any other way to achieve it?

Please let me know.

Niru

Unfortunately, this still means that anyone at Atlassian with access to the encryption keys can read our data in glorious full text, the fact that access is audited means very little to the end-user. How about transparent encryption of the DB rows themselves? You can store IDs or whatever, but the sensitive data (like meeting notes or business plans) is encrypted even to you, Atlassian. Is that something you are considering or is better to switch to server versions in order to protect better our data? Thanks

Like Mattias Vannergård likes this

The answers are posted in their documentation.

https://www.atlassian.com/trust - contains everything

 

Your answer specifically is located at 

https://www.atlassian.com/trust/security/security-practices#faq-5fd9f2cf-d7c7-40fa-af1f-854e2d9f3f48

Content stored within Jira Cloud and Confluence Cloud isn't encrypted. However, attachments on storage in AWS are encrypted. We believe we can rely on the physical controls and management at AWS, as well as transit-level encryption to protect customer data. A minimum of 128-bit Advanced Encryption Standard (AES) is used for attachments.

Can we please get a straight answer to this question?  That URL has no info pertaining to this question.

Does this mean that BitBucket repositories are encrypted for free accounts everywhere Atlassian stores them?

0 votes
Pedro Cora Atlassian Team Nov 20, 2014

Hi Eric,

I recommend you to take a look at this page: https://www.atlassian.com/hosted/security. It contains the answer to your question. smile

-- Pedro

So, the answer is 'no, it is not encrypted'? I do not see any comment on encryption while the data is at rest. They do mention that backups are encrypted. If the answer is 'no', please update your answer stating this explicitly and I will mark it as the answer.

Agreed- there is no mention of encryption at rest in that document which I already reviewed.  There is the same question from a different user which received the same response.  Can we simply have a straight response of "YES" or "NO" to this question?

Seth Rising Star Jan 20, 2016

@Pedro Cora [Atlassian] - Sounds like some follow-up is expected from you on this.

Dear Atlassian team,

Could you update us all on this question? This can sometimes be a compliance issue and we do need to be clear on this matter whether data is encrypted at rest on not (and with which encryption protocols / methodology) for:

  • Attached documents (uploaded)
  • Pages, tickets...

Clearly understood that all communications use TLS 1.2, but this may not be enough information for us.

Understood we can also protect and encrypt some documents sent also with some plugins available, but for example you could already maybe have an encryption at rest leveraging S3 bucket capabilities (if using AWS)?

do we have a precise information on how to handle data at rest in bitbucket cloud

0 votes
Seth Rising Star Nov 20, 2014

Most of the others on this site are users, like you. I've never seen any information regarding your question, so I'll hope @Logostech Atlassian Support notices your question.

Suggest an answer

Log in or Sign up to answer
TAGS

Atlassian Community Events