I suggest you immediately change the permission scheme.
The access model has not changed since Jira 3.6, although some of the default groups did change with Jira 7.0. Best practices for security purposes is to only give users what they need. JIRA uses the Grant model which supports this, not a ‘restrict’ model,
The principle is:
The problem most new users have traces back to Atlassian’s default settings of allowing the "group of users that can log in and use an application", permission to everything in a project. This ends up meaning "can use application" becomes "can log in and see everything"
So, you need to delete that group from all the permission schemes. If you do that right away life will be much easier.
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG