Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Managing highly sensitive data in a project, so not even JIRA admins can see it once it's set up?

Simon Ward
Simon Ward July 9, 2012

We have a requirement to use JIRA to store and manage requests for a confidential system.

how can we set up a project and then secure it from all but nominated people to access and maintain?

the overall JIRA admin would not be one of these people.

Answer
Watch
Like Be the first to like this
764 views

3 answers

1 accepted

0 votes
Answer accepted
Ellen Feaheny [
Ellen Feaheny [AppFusions]
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
July 9, 2012
Agree w/ Nic .. need to trust .. Or spin up a new instance all together and YOU are the admin. If hosted, then you can have an outside party as the net ops sys admin..
View More Comments
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
July 9, 2012

No - if you have two Jira instances (sounds like you do, if you need to protect HR stuff from your main Jira admins), then you need two licences. Of course, if your HR department is small, a $10 license for a handful of users is not a huge expense...

Atlassian are looking at bulk/site licenses as well, so in the future, that problem might go away.

Like
Simon Ward
Simon Ward July 9, 2012

Thanks Ellen

By 'Spin up a new instance' do you mean use the same licence? If we could restrict use of this to a named individual (as in I don't want to have access any longer as admin for our 'main' JIRA instance) then this could work. How do I find out how to do this?

Like
Ellen Feaheny [
Ellen Feaheny [AppFusions]
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
July 9, 2012

Yes, Nic is right - you would need an additional license (for the number of users using it - so in your scenario, likely under 10).

If HR, and don't have the IT ops admin skills to do this easy (and ongoing support), can offer you a direct managed hosted option that is turnkey - up and running fast, backed up, upgrades included - and all secure for you.

ellen at appfusions dot com if want quote or to discuss more.

Like
Simon Ward
Simon Ward July 9, 2012

Thanks Nic & Ellen

The HR dept that would be using this is small in itself (5-10 users) but they potentially deal with the whole UK organisation, to whom they would be wanting to assign issues. so anywhere upwards of 500-600 users!

I think we'll try and get them their own instance and then I can hand over the reins to their IT guy.

If they are not keen on this solution, then the hosted option could be a runner.

Cheers for the prompt and informative replies..

Like
Reply
0 votes
Crisan Hristea Carolina Sarah
Crisan Hristea Carolina Sarah November 12, 2020

Hello @Nic Brough -Adaptavist- do you know if there is any update on this request after 8 years ? :)

View More Comments
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
November 12, 2020

Atlassian have stated they're not changing this, years ago.

Like
Reply
0 votes
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
July 9, 2012

Simple at first - create a permission scheme that only allow people in a certain group or role to browse the project.

However, your comment about the Jira admin won't work. You can exclude the Jira admin, but they will ALWAYS have the ability to put themselves into a role or group that allows them access.

There is no getting around the fact that you have to trust the administrators of any system you run.

View More Comments
Simon Ward
Simon Ward July 9, 2012

Hi Nic. Thanks for that.

It's not a trust thing really. This is confidential HR related data that we don't want anyone except the users(and their HR IT person) seeing.

The new instance suggestion from Ellen may be a runner i think.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events