is JIRA cloud data encrypted?

I would like to know if the JIRA cloud data (or even the JIRA server) is encrypted in transit AND at rest.

 

 

5 answers

Application database backups for Atlassian Cloud occur on the following frequencies: On-site backups are performed daily and retained for seven days; Tape backups are taken weekly, which are then stored off-site and retained for four weeks. All backup data is encrypted.

Thank you for your response, but this didn't fully answer my question.

I am looking for data that is not only backed up - rather active data that is in transit or at rest.

 

 

0 vote

This is the Atlassian Cloud Security document: https://www.atlassian.com/cloud/security/

Again, thank you for your response, but this didn't fully answer my question.

I am looking for data that is not only backed up - rather active data that is in transit or at rest.

I believe that data sent over public networks uses HTTPS and should have all of the security properties that HTTPS provides. Data at rest is not as simple as "it is all decrypted" or "it is all encrypted". Some data is and some data is not and I cannot give you a full breakdown of that information. Please raise a request at support.atlassian.com to get our excellent support team to gather that information for you.

Appreciate your response Robert.

I am also looking for the same data. 

I need to know if the data at rest is encrypted or in any other way secured? 

I also need to know if a 3rd party vendor can access/decrypt the data their facility is hosting? 

Also, I need to know of any vendor has access to non-encrypted, non-public data in our instance?

I have not found a clear statement in your online documentation 

We are an Atlassian Solution Partner and we've just released something that might help. It's called Team Secrets and it protects sensitive file attachments in JIRA with end-to-end encryption for attachment uploads and 2 factor verification for downloads.

https://marketplace.atlassian.com/plugins/io.teamsecrets.jira.prod/cloud/overview

Please try it and let us know if this helps!

Atlassian is compliant with SOC2, and their SOC2 report can be obtained here: https://www.atlassian.com/trust/compliance

Unfortunately the report clearly states on page 29 that "Data is not encrypted at rest. Data in transit is encrypted with the TLS cryptographic protocol."

Suggest an answer

Log in or Join to answer
Community showcase
Sarah Schuster
Posted Jan 29, 2018 in Jira

What are common themes you've seen across successful & failed Jira Software implementations?

Hey everyone! My name is Sarah Schuster, and I'm a Customer Success Manager in Atlassian specializing in Jira Software Cloud. Over the next few weeks I will be posting discussion topics (8 total) to ...

3,315 views 14 20
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you
Atlassian Team Tour

Join us on the Team Tour

We're bringing product updates and pro tips on teamwork to ten cities around the world.

Save your spot