We would like to deploy an internally hosted JIRA instance for both internal users and our exeternal clients.
Basic requirements are:
Our primary concern is from a security aspect. What is the suggested approach.
I have seen some informaiton on partitoning and public/private instances. We are looking for advise primarily on how to secure both internal and client data form the outside world whilst making our JIRA instance available to our external clients via a web login.
Would two instances of JIRA be preferable, one public instance for clients and one private instance for internal users? If so, how would Issues be moved between the two instances.
For your case, I'd suggest sticking with a single instance for both groups. It's perfectly possible to set up a Jira so that various sets of users have different access, including sections that are completely hidden to some users.
The one piece of advice I would give you to begin with though - Jira's default permission scheme is completely useless for this. It's permissive, and it encourages users to continue to be permissive because it uses the same group for "can log in" and "can use all the projects".
Before you set anything else up, it is worth correcting this and educating your administrators. You can either create a new group or re-use "jira users", but you need to define a group that defines "these users CAN log in, but they can do NOTHING else" (well, ok, if you've got a "jira support" project, or you want to allow everyone "browse user" and/or "bulk edit" by default, you can use it there too).
Do NOT use the group in ANY permission schemes, roles or default roles.
Then, you'll be able to put your internal and external users into other groups or roles and control their access that way. But separate out "login / jira user" from all of that.
JIRA already is equiped with pretty advanced group management, if you put all your external users in a certain group and make sure those groups don't have permissions for read/write for your internal projects, wouldn't that fix your problem?
This community is celebrating its one-year anniversary and Atlassian co-founder Mike Cannon-Brookes has all the feels.Read more
Hey Atlassian Community! Today we are launching a bunch of customer stories about the amazing work teams, like Dropbox and Twilio, are doing with Jira. You can check out the stories here. The thi...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs