Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Is Jira Software (Cloud) ITAR complaint?

My company must adhere to ITAR restrictions due to the nature of our products.  This means things like source code and issue tracking data repositories just be maintained within U.S. boarders.  Obviously if we use a server-based installation of Jira with can achieve ITAR compliance.  I'm interested in hearing if there are options for setting up Jira Software (Cloud) in an ITAR-compliant manner.

Thanks.

-m

4 answers

@Petter Gonçalvesor Atlassian Team
Has there been any additional updates on Atlassian's stance on offering ITAR compliant cloud hosting?

My company is in a similar situation to Michael and Josh, we chose self-hosting over cloud solely because of ITAR restrictions.

With Server being deprecated in 2024, if there isn't an ITAR cloud compliant variant, we'll have to start the transition to another platform sooner rather than later

Same exact situation for us.

If Atlassian doesn't come up with a solution they are going to alienate their aerospace user base.

Like Alex Sharp likes this

Yes, I agree with this; if Atlassian does not provide some direction or options, any Aerospace and Defence business working within the US Defence Industrial Base will have to look at options on other platforms.

Any Technical Data within Jira and Confluence must be protected to be ITAR compliant, but also remember there is CMMC to be concerned about as well. Most business in the DIB would be looking for a solution that hosted on the FedRAMP to reduce the cost of meeting the DFARS requirements for CUI.

For reference, Atlassian does have a Jira Ticket open as a Suggestion for ITAR Compliance for Jira Cloud  [CLOUD-10916] ITAR Compliance - Create and track feature requests for Atlassian products.

Good morning, As a Platinum partner of Atlassian since day one, we are the only partner in the ecosystem that is FedRamp certified. We can host your applications in our FedRamp Data Center which would cover any ITAR concerns. Let me know if I can further help. 

According to this:

https://confluence.atlassian.com/enterprise/jira-server-and-data-center-feature-comparison-953651628.html

The Atlassian replacement for the server offering - Data Center - does support self-hosting (see "Deployment options" at the bottom).   It's a shame that the solution set costs so much (particularly at entry-level), and that the Atlassian staff don't seem to have a good understanding of how this works.   My guess is they're going to be losing a lot of customers due to obsolescence of the popular server offering.

Good morning John, As a Platinum partner of Atlassian, we are the only partner in the ecosystem that is FedRamp certified. We can host your applications in our FedRamp Data Center which would address any ITAR concerns. Atlassian also has some discounts in place to make the transition from server to DC, more economical for the customer. Let me know if I can further help. 

Like # people like this

Contegix. I'd be happy to hop on a call to discuss. sshane@contegix.com 

We also have the same problem with military projects.  It's too bad Atlassian's response indicated no understanding of the ITAR concerns or what it means.

Good morning Patrick, As a Platinum partner of Atlassian, we are the only partner in the ecosystem that is FedRamp certified. We can host your applications in our FedRamp Data Center which would address any ITAR concerns. Let me know if you would like to sync up to discuss.

0 votes

Hello @Michael Hoffman

Welcome to the Atlassian Community!

I can confirm that Jira Cloud application is not ITAR compliant, due to the fact that Atlassian has not specifically designed, modified, developed, configured, or adapted any item or technology for a military purpose.

That being said, Atlassian applications are currently not subject to the ITAR and its products and services are not subject to any ITAR licensing requirement.

If you want to specifically check what Atlassian policies are compliant or not with ITAR, you can find more information about Atlassian Security Policies on the following documentation:

Let us know if you have any questions.

The software doesn't need to be "...specifically designed, modified, developed, configured, or adapted any item or technology for a military purpose."  The cloud service software needs to be hosted in ITAR complaint GOV space.  With the announcement this morning that Atlassian will no longer have on-prem products this is a concern if Atlassian is not ITAR complaint and providing their software in ITAR GOV space.  My company requires we operate in ITAR compliance.  If Atlassian is not going to be providing cloud solutions for all their software products in ITAR compliant GOV cloud space through either AWS or Azure then it is time to begin looking for replacement products.

Like # people like this

@Josh Welch you exactly articulated thoughts that were in my mind when I read Atlassian's announcement the other day about Jira Server's obsolescence.  Our company also requires ITAR complaint solutions, which was THE primary reason for going with Jira Server over Jira Cloud.  When we researched alternatives earlier this year, one cloud-based solution that had ITAR compliant storage options was Azure Dev-Ops.  But we greatly prefer Jira as a more capable/flexible tool for our needs, so we willing took on the responsibility of hosting it internally.  Unfortunately, it looks like we too are now going to have to abandon Jira due to Atlassian's decision to not support solutions for customers that have ITAR storage requirements.  Very disappointing.

Like Eric Desjardins likes this

Good morning Josh and Michael, As a Platinum partner of Atlassian, we are the only partner in the ecosystem that is FedRamp certified. We can host your applications in our FedRamp Data Center which would address any ITAR concerns. Let me know if I can further help. 

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
FREE
PERMISSIONS LEVEL
Site Admin
TAGS
Community showcase
Published in Apps & Integrations

🍻🍂Apptoberfest Update: Upcoming Virtual Events 🎉

Hello Community! I hope you've been enjoying the 🍂Apptoberfestivities🍂 (I know I have!) The event is heating up next week with a series of virtual events that we're calling the 🍻🍂Partner App ...

104 views 1 7
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you