Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Is data at rest encrypted for Atlassian cloud services?

Eric40
Eric November 20, 2014

I am primarily interested in the Confluence and BitBucket cloud services. 

When data stored by these services is just sitting at rest on Atlassian's drives, is it encrypted or not?

 

Answer
Watch
Like # people like this
4899 views

6 answers

1 accepted

1 vote
Answer accepted
lauren
lauren
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
June 18, 2019

Hi @Eric40@Paul Grover, and @Michael Daoust

I just wanted to provide an update here.

We recently announced that Atlassian now encrypts customer data at rest.

Data drives on servers holding customer data and attachments in Jira Software Cloud, Jira Service Desk Cloud, Jira Core Cloud, Confluence Cloud, Statuspage, OpsGenie, and Trello use full disk, industry-standard AES-256 encryption at rest. To learn more, please see our Security Practices page.

We post updates related to security, privacy, compliance, and more in our Trust & Security groupFeel free to post related questions and feedback there! 

Best,

Lauren

View More Comments
Seth
Seth
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
June 20, 2019

Well, that took a while, but glad to hear it!

Like lauren likes this
jamesmaniotis
jamesmaniotis September 18, 2019

Does this mean that BitBucket repositories on a free account are encrypted everywhere Atlassian stores them?

Like
lauren
lauren
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
September 19, 2019

@jamesmaniotis No, Bitbucket data is not fully encrypted. 

Here's the line from our documentation: 

Data drives on servers holding customer data and attachments in Jira Software Cloud, Jira Service Desk Cloud, Jira Core Cloud, Confluence Cloud, Statuspage, OpsGenie, and Trello use full disk, industry-standard AES-256 encryption at rest. Customer data on Bitbucket Cloud is not fully encrypted at rest.

By encryption at rest we mean that we encrypt customer data that is stored on a disk such as Jira issue data (details, comments, attachments) or Confluence page data (page content, comments, attachments). Data encryption at rest helps guard against unauthorized access and ensures that data can only be access by authorized roles and services with audited access to the encryption keys.

Like
Deleted user January 24, 2020

Hi,

When is Bitbucket data encryption at rest available?

If it is not available today out of the box, is there any other way to achieve it?

Please let me know.

Niru

Like
SG
SG April 22, 2020

Unfortunately, this still means that anyone at Atlassian with access to the encryption keys can read our data in glorious full text, the fact that access is audited means very little to the end-user. How about transparent encryption of the DB rows themselves? You can store IDs or whatever, but the sensitive data (like meeting notes or business plans) is encrypted even to you, Atlassian. Is that something you are considering or is better to switch to server versions in order to protect better our data? Thanks

Like Mattias Vannergård likes this
Mattias Vannergård
Mattias Vannergård May 25, 2021

Also see https://jira.atlassian.com/browse/CLOUD-10905

Please vote up!

BR
/Mattias

Like
Reply
1 vote
Michael Daoust
Michael Daoust October 22, 2018

The answers are posted in their documentation.

https://www.atlassian.com/trust - contains everything

 

Your answer specifically is located at 

https://www.atlassian.com/trust/security/security-practices#faq-5fd9f2cf-d7c7-40fa-af1f-854e2d9f3f48

Content stored within Jira Cloud and Confluence Cloud isn't encrypted. However, attachments on storage in AWS are encrypted. We believe we can rely on the physical controls and management at AWS, as well as transit-level encryption to protect customer data. A minimum of 128-bit Advanced Encryption Standard (AES) is used for attachments.

View More Comments
Paul Grover
Paul Grover March 25, 2019

No.

SOC3 Report for 2017-18    Page 11 

 

image.png

Like
Reply
1 vote
itsupport@nsamgroup.com
itsupport@nsamgroup.com January 20, 2016

Can we please get a straight answer to this question?  That URL has no info pertaining to this question.

Reply
0 votes
jamesmaniotis
jamesmaniotis September 18, 2019

Does this mean that BitBucket repositories are encrypted for free accounts everywhere Atlassian stores them?

Reply
0 votes
Pedro Cora
Pedro Cora
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
November 20, 2014

Hi Eric,

I recommend you to take a look at this page: https://www.atlassian.com/hosted/security. It contains the answer to your question. smile

-- Pedro

View More Comments
Eric40
Eric November 20, 2014

So, the answer is 'no, it is not encrypted'? I do not see any comment on encryption while the data is at rest. They do mention that backups are encrypted. If the answer is 'no', please update your answer stating this explicitly and I will mark it as the answer.

Like
itsupport@nsamgroup.com
itsupport@nsamgroup.com January 20, 2016

Agreed- there is no mention of encryption at rest in that document which I already reviewed.  There is the same question from a different user which received the same response.  Can we simply have a straight response of "YES" or "NO" to this question?

Like
Seth
Seth
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 20, 2016

@Pedro Cora [Atlassian] - Sounds like some follow-up is expected from you on this.

Like
Sylvain D
Sylvain D November 2, 2017

Dear Atlassian team,

Could you update us all on this question? This can sometimes be a compliance issue and we do need to be clear on this matter whether data is encrypted at rest on not (and with which encryption protocols / methodology) for:

  • Attached documents (uploaded)
  • Pages, tickets...

Clearly understood that all communications use TLS 1.2, but this may not be enough information for us.

Understood we can also protect and encrypt some documents sent also with some plugins available, but for example you could already maybe have an encryption at rest leveraging S3 bucket capabilities (if using AWS)?

Like
friscotx10
friscotx10 January 26, 2018

do we have a precise information on how to handle data at rest in bitbucket cloud

Like
Reply
0 votes
Seth
Seth
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
November 20, 2014

Most of the others on this site are users, like you. I've never seen any information regarding your question, so I'll hope @Logostech Atlassian Support notices your question.

Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events