Are you in the loop? Keep up with the latest by making sure you're subscribed to Community Announcements. Just click Watch and select Articles.

×
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Join now to unlock these features and more

Security Details on MS Teams Addon for JIRA

Michael Ma
Michael Ma Dec 03, 2019

Our company is considering adding this plugin to enable the integration between JIRA and MS Teams, however we take security seriously and have a few questions we are hoping we can get an answer for:

  • Has Softserve completed a security assessment with Atlassian? If not, are they looking at completing one?
  • There doesn't seem to be information available on the security of the plug-in and what data is accessed, or where it is routed or stored.  Location of where data is stored is a concern for us as certain locations such as Ukraine is designated as forbidden for us. Also if traffic is routed through the Ukraine this would be a major concern for many of our clients who have strict geo-location requirements.  Would it be possible to get hold of more details about how these plug-ins work and where data/traffic between Atlassian and Softserve might be routed and stored?

    Thanks heaps!
Answer
Watch
Like Be the first to like this
728 views

2 answers

0 votes
Drew Cottrell
Drew Cottrell Feb 20, 2020

@SoftServe Support I connected this successfully to test, but don't see your app listed as using my OAuth token, why is that?

View More Comments
SoftServe Support
SoftServe Support
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
Feb 26, 2020

Dear Drew,

Thank you for contacting us! We have received your request and are currently working on it in scope of your ticket.

Best regards,
SoftServe Support Team

Like
Reply
0 votes
SoftServe Support
SoftServe Support
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
Dec 03, 2019

Hi Michael,

Thank you for being interested in our products. 

Please be informed that our cloud provider is Microsoft Azure. We host all static files (HTML, CSS, JavaScript files) and RESTful web services under two regions: West Europe (Netherlands) and Central US (Iowa). At the moment user cannot choose in what region to store data, so all user's requests will be served by the closest region to the user. 

To perform an integration between Microsoft Teams and Jira Cloud we have to store in database (we use Azure CosmosDB with read/write replicas in Central US and West Europe) next information:

  1. Active Directory Object Identifier (OID) - unique ID from your organization's Active Directory 
  2. Security context from Jira Cloud Add-on framework (recommended approach by Atlassian Team https://developer.atlassian.com/cloud/jira/platform/authentication-for-apps/ )
  3. Jira Cloud instance URL

Our integration stores only information that is required to map your Microsoft Teams user to Atlassian user and make call to Jira Cloud API on behalf of your user. So, all Jira related data would be stored under Jira infrastructure (AWS) and mapping only information under SoftServe infrastructure (Azure).

We are collecting and storing:

  • OAuth tokens to ensure applications interconnectivity and user authorization and mapping between Atlassian products (Jira, Bitbucket) and Microsoft Teams.
  • Your Jira configuration (Jira url).

We don’t collect, process or store any personal information, including your user name, name and email addresses. We do not store your IP addresses. We identify your location based on IP address, IP address is transmitted to identify the location but not stored. We do not store any project or communication specific data from JIRA, Bitbucket or Microsoft Teams.

Also, we have a privacy policy page with detailed information - https://www.softserveinc.com/en-us/msteams-atlassian-privacy-policy/

As for the Vendor Security Self-Assessment, we are working on its completion. The security self-assessment takes some time to be fully processed and completed. Could you please let us know whether you would like to be informed once it is done? 

We hope this was helpful.

Best regards
SoftServe Support Team

View More Comments
William Wilson
William Wilson Sep 15, 2021

I would like to see the Security Self-Assessment!

Like
Reply

Suggest an answer

Log in or Sign up to answer
Product apps
Apps & Integrations
TAGS
AUG Leaders

Atlassian Community Events

See all events