Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Next challenges

Recent achievements

  • Global
  • Personal

Recognition

  • Give kudos
  • Received
  • Given

Leaderboard

  • Global

Trophy case

Kudos (beta program)

Kudos logo

You've been invited into the Kudos (beta program) private group. Chat with others in the program, or give feedback to Atlassian.

View group

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Keep your team and content safe with IP allowlisting for Atlassian Premium

The level of access and control enterprise companies need today to keep their teams and information safe in the cloud is paramount. And it’s no wonder, in 2019, over 4 billion records were exposed by data breaches—just in the first half of the year. As companies scale, the room for bad actors grows with it as you allow more employees, vendors, and contractors to have access to your systems.

To support our admins in proactively managing security at scale, and to keep our customers and their information safe, IP allowlisting is now generally available to all of our Jira Software, Confluence, and Jira Service Desk Premium customers.

 

Keep sites secure with IP allowlisting

After sifting through hundreds of pieces of feedback and meeting with dozens of admins who manage Atlassian products at scale, we know that our customers have stringent security requirements and need their products to only be accessible by trusted company networks.

In late May we launched a beta program for IP allowlisting, and we’re excited to announce that it’s now available to all Premium customers! IP allowlisting keeps teams and their content secure by ensuring that use of Atlassian Premium products are restricted to VPN and office networks, even for external collaborators, and allows secure access for content consumers.

IP_allowlist_G (1).png

Access from sanctioned company networks

The risk companies expose themselves to when users access their Jira and Confluence sites from unprotected networks can be high and costly. Now, enterprise and regulated organizations can require all end-users to access Atlassian products from sanctioned company networks. If you have agreements with your own customers about the security of their data, rest assured it won’t be leaving the building.

Secure your external collaborators

Outside of traditional user permissions controls, there is very little admins can do to protect their organization from risky usage of external collaborators. Admins can’t enforce SSO, two step verification, session duration, or password policies on these accounts the same way they can for managed accounts (ie accounts with email addresses from the verified domain). With IP allowlisting, admins get much needed relief with the confidence that product access is restricted to specific networks, even for external accounts.

To add and access your allowlists, please visit admin.atlassian.com > Security > IP allowlisting. From here, add up to 100 IP addresses or network blocks per allowlist.

Learn more about IP allowlisting from our public documentation page, or if you have any suggestions for insights you’d like to see in the future, please leave a comment below and we’ll investigate it for our roadmap!

New to Premium? Learn more here.

6 comments

Thank you for the post @Rak Garg ! This is great news.

Taranjeet Singh Community Leader Jul 30, 2020

This is a great security feature @Rak Garg ! Thanks for sharing this post. Is this feature going to be available for Atlassian Cloud Standard licensing as well?

Kesha Thill Atlassian Team Aug 05, 2020

Hey @Taranjeet Singh ! As of now, we only have plans to have this available in our Premium and Enterprise plans for Jira Software, Confluence, and Jira Service Desk.

This is an insult to small business and until this comes to Standard and Free tiers, Cloud is not an option.

Basic security should be default, not a premium extra.

I don't disagree.  This seems like some basic level security yah'll.  Part of why we self host is to protect our data.  Since you are effectively forcing us to the cloud it seems like you should also provide some security so we can ensure our data is safe as a trade off.

Comment

Log in or Sign up to comment
TAGS

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you