Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Best practices to secure human resources project from internal administrators

Bin Liang
Bin Liang
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
July 21, 2020

Please contribute your expertise and recommendations to secure Human Resources Jira Service Desk project.  So highly confidential issues such as compensation, dispute, etc are securely limited to certain HR team members only, especially from internal administrators, global or project.

Jira service desk issue security can limit to Reporter Only.   If administrator adds himself to view the issue, can in-erasable trace be kept or alarmed? 

In case of troubleshooting, the administrator has to have right to visit those issues.

Thanks!!

Comment
Watch
Like Be the first to like this
878 views

2 comments

Trevan Householder_Isos-Tech-Consulting_
Trevan Householder_Isos-Tech-Consulting_
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
July 28, 2020

@Bin Liang Typically, HR projects are restricted to specific, trusted individuals in the HR team + one OPS person.  Alternatively, the OPS person could be added on a case by case basis, i.e. when there's need for troubleshooting. These actions (project permission changes) are logged.

Logs can be aggregated to a central location for audit and review by the security team. In the case of Jira On-Prem/Server, a crafty system administrator could delete the log but that would be a sure sign of meddling and raise red flags for sure.

Like Dave Liao likes this
Bin Liang
Bin Liang
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
July 28, 2020

Thanks Trevan!  That makes sense.  So it sounds like this typical HR project permission set up can be done without issue security. Is it?

Like
Trevan Householder_Isos-Tech-Consulting_
Trevan Householder_Isos-Tech-Consulting_
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
July 29, 2020

My pleasure, @Bin Liang 

Actually, you must use Issue Security or some other app to achieve this, in addition to project permissions.

Like Dave Liao likes this
Reply
Jelan lekr
Jelan lekr January 20, 2021

I solved this with the instead new Structure.Gantt-Plugin and a custom hw aid discipline. This labored quite well about this page. What I could not remedy smoothly is that each undertaking requires each HR-resources and equipment in my use case and both need to be deliberate on the equal time.

Like
Reply

Comment

Log in or Sign up to comment
Jira Service Desk
Jira Service Management
TAGS
AUG Leaders

Atlassian Community Events

    See all events