Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Next challenges

Recent achievements

  • Global
  • Personal

Recognition

  • Give kudos
  • Received
  • Given

Leaderboard

  • Global

Trophy case

Kudos (beta program)

Kudos logo

You've been invited into the Kudos (beta program) private group. Chat with others in the program, or give feedback to Atlassian.

View group

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Managing highly sensitive data in a project, so not even JIRA admins can see it once it's set up?

We have a requirement to use JIRA to store and manage requests for a confidential system.

how can we set up a project and then secure it from all but nominated people to access and maintain?

the overall JIRA admin would not be one of these people.

3 answers

1 accepted

Agree w/ Nic .. need to trust .. Or spin up a new instance all together and YOU are the admin. If hosted, then you can have an outside party as the net ops sys admin..

No - if you have two Jira instances (sounds like you do, if you need to protect HR stuff from your main Jira admins), then you need two licences. Of course, if your HR department is small, a $10 license for a handful of users is not a huge expense...

Atlassian are looking at bulk/site licenses as well, so in the future, that problem might go away.

Thanks Ellen

By 'Spin up a new instance' do you mean use the same licence? If we could restrict use of this to a named individual (as in I don't want to have access any longer as admin for our 'main' JIRA instance) then this could work. How do I find out how to do this?

Yes, Nic is right - you would need an additional license (for the number of users using it - so in your scenario, likely under 10).

If HR, and don't have the IT ops admin skills to do this easy (and ongoing support), can offer you a direct managed hosted option that is turnkey - up and running fast, backed up, upgrades included - and all secure for you.

ellen at appfusions dot com if want quote or to discuss more.

Thanks Nic & Ellen

The HR dept that would be using this is small in itself (5-10 users) but they potentially deal with the whole UK organisation, to whom they would be wanting to assign issues. so anywhere upwards of 500-600 users!

I think we'll try and get them their own instance and then I can hand over the reins to their IT guy.

If they are not keen on this solution, then the hosted option could be a runner.

Cheers for the prompt and informative replies..

0 votes

Simple at first - create a permission scheme that only allow people in a certain group or role to browse the project.

However, your comment about the Jira admin won't work. You can exclude the Jira admin, but they will ALWAYS have the ability to put themselves into a role or group that allows them access.

There is no getting around the fact that you have to trust the administrators of any system you run.

Hi Nic. Thanks for that.

It's not a trust thing really. This is confidential HR related data that we don't want anyone except the users(and their HR IT person) seeing.

The new instance suggestion from Ellen may be a runner i think.

Hello @Nic Brough _Adaptavist_ do you know if there is any update on this request after 8 years ? :)

Atlassian have stated they're not changing this, years ago.

Suggest an answer

Log in or Sign up to answer
TAGS

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you