We are running a self managed instance of Jira (Development) and Jira Service Desk (IT Helpdesk) that currently is only used by employees. We would like to provide a new Jira Service Desk project to external customers over the internet.
What are some secure implementation patterns for this type of deployment?
Well in order to securly deploy your Jira instance online, make sure that:
1. your users are not exposed globally.
2. Your issues can't be accessed
3. dashboard cant be accessed
Test your Jira using anonymous access and make sure all of the above are locked.
Also don't forget to double check if captcha is set up for login and registration in case of bots.
And run jira over SSL and everything will be perfect security wise
Hi Radford,
If the access is only for respective external clients then you can just give them access to them only for that project in the customer permissions settings in Project settings or if the user login might differ day by day then you may need to have the sign up option for your instance..
And the other thing, if it is different for external clients then you should create a different organizations for different clients and add them into that.
https://support.atlassian.com/jira-service-desk-cloud/docs/add-a-customer-to-an-organization/
If need more info, please do check the above link for addition of customer in an organization.
Thanks and Regards
Mone Dileep Kumar
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.