We are currently analysing possibilities of encrypting sensitive information inserted in the JIRA tickets (text and attachments).
We are already using an HTTPS access and an external authentication tool but we would like to improve the security of the information.
We were considering either the acquisition of a specific plugin like Encrypted Field or encryption directly in the JIRA DB (MYSQL). Does JIRA support encrypted databases?
We are currently running JIRA version 6.2.7 but we are thinking of migrating to JIRA 7.0.11 in the near future.
Can anyone share your experiences in making JIRA more secure?
Thank you all for your help.
JIRA doesn't officially support encrypted databases - that is, Atlassian Support can't help if you experience configuration issues with encrypted fields. Some folks are definitely doing it.
A couple items came to mind:
I saw Encrypted Field mentioned in a few other questions, so it looks like you are doing your research. Good luck and let us know how your encyption efforts turn out!
Yes, that sounds right. After reading up a little about MySQL encryption, it seems like you would want to enlist the help of a DBA who has used it before. A few posts noted that you'll take a performance hit encrypting the whole database and it might be worth scoping out to what you mentioned (text in tickets).
Note that attachments are stored on disk, so you can take permissions and encryption steps for those on the filesystem without having to do things to your database.
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG