Here in the US, it’s Cybersecurity Awareness Month! At Atlassian, we call this Trust-tober
And while we don’t want you to be too spooked, it’s important to recognize that cybercrime has increased 15% over the last three years. As the size of these threats continues to grow, so does their level of sophistication. What has worked in the past won’t be enough to protect against future threats. On Atlassian Cloud, we tackle these challenges together and provide your teams with the tools they need to collaborate effectively, without compromising your data.
Here’s a snapshot of upcoming and recently launched features that we’ve built to defend your data, remain in compliance, and increase efficiency for admins:
Advanced security controls
BYOK encryption for Jira Software
Product requests
Security improvements to API token controls
Data residency in Canada
Expanded compliance program
HIPAA compliance for Standard and Premium plans
TISAX Level 2
New investments in the admin experience
Custom Domains for JSM Help Center (Beta)
Real-time changes in product updates
On cloud, we tackle the evolving challenges of data security together. In addition to the comprehensive data protections we’ve built into the architecture of our products, we’re constantly expanding the number of controls we offer to ensure your teams have the flexibility they need to design a security strategy that best meets the needs of your organization. In this month’s roundup, we’re introducing features that will enable your teams to:
Maintain control over how your data is accessed
A consistent theme we’ve heard from you is the need for stronger encryption. Historically, encryption in cloud has been limited to encryption at rest and in transit but earlier this year we launched bring-your-own-key (BYOK) encryption as part of an early access program (EAP) for Jira Software and Confluence. Finally giving your teams the ability to manage the keys to your most prized possession, your data, with keys from your own AWS account. EAP was a success and now we’re moving to GA at the end of the month for Jira Software. This is the first of many milestones for BYOK encryption over the next year so keep your eye out for more to come!
Scale security as you grow
Whether you have 100 people or 10,000 people data security is essential to the success of your business, but your approach may look different. Unfortunately, as your teams grow, so do the risks of shadow IT. To further admin visibility and control to keep your organization protected, we’ve recently launched product requests. Product requests allows admins to deny or resolve user requests for new instances, and easily implement policies via admin.atlassian.com to address these risks.
Another key area that becomes more complex as you grow is API management. Recently, we have improved the mechanisms for managing API token usage to reduce unauthorized access to your organization's data. Admins can now block API token generation and usage by managed and external users all from within admin.atlassian.com.
Keep your data in a secure location
It’s not always about the size of your data, but where it lives. Storing data in a trusted region of your choice is often at the top of the requirements list for many organizations, which is why we’ve invested in expanding data residency to regions all over the world. Earlier this year we launched Singapore as a new region and now we’re introducing Canada, bringing the total number of countries we offer to six. By the end of Q1 2024, that number will double with Brazil, India, the UK, Japan, and Switzerland joining the party.
In addition to strengthening our controls, we’re also broadening our compliance program to provide greater coverage across industries.
Improving coverage in healthcare
For customers with protected health information (PHI) in the US, we launched HIPAA compliance last year for Jira Software, Confluence, and Jira Service Management in Cloud Enterprise. We’re thrilled to announce that based on the feedback we heard from customers, we’re now expanding support to all paid plans (Standard and Premium) so teams of all sizes can take advantage of our HIPAA program. This expansion also comes with improved notifications in Jira Software (JSW) and Jira Service Management (JSM). When we initially launched HIPAA, all instances were required to turn off their notifications to ensure that PHI would remain compliant. Since then, we’ve made improvements to our notification system to allow for teams to turn on their notifications and stay protected. To learn more, visit our implementation guide.
Improving coverage in automotive
We’ve also improved our compliance posture for teams that work in the automotive industry in Germany, with TISAX Level 2 certification. TISAX requirements directly map to ISO27001 controls, which we are audited against every year to provide additional verification of our trusted platform. As we continue to uplevel our data security protections, we’ll continue to grow our compliance program into new industries. In the meantime, check out our Compliance Resource Center to explore what we offer today.
It’s no doubt that admins wear many hats, and admin.atlassian.com serves as their mission control center to ensure teams are protected, work moves forward, and goals are reached. Admins often have to balance customization and control within their organizations, and we’re excited to share a new customization feature for Jira Service Management Help Center. We’ve recently launched custom domains for JSM Help Center in beta. This feature provides admins with the ability to create a unique URL for their help center domains - promoting greater discoverability and ease of use.
As admins look to make information easier to find within their organization, we want to make it as easy as possible for them to find the latest information about Atlassian. That’s why we built product updates to surface essential, relevant, real-time information about Atlassian-initiated changes within their existing workspace. Gone are the days of sifting through emails and Slack messages to figure out what’s changed, when, and if it’s relevant for your teams. If you haven’t checked it out yet, go take it for a spin!
That’s all for now! If you have any questions, feedback, or comments would love to hear from you below.
Cheers,
Hosana
Hosana
1 comment