Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Bring Your Own Key (BYOK) encryption for Jira Software is now available

October 31, 2023

We are excited to announce that Bring Your Own Keys (BYOK) encryption for Jira Software is now available to all customers with Enterprise plans.

 

For customers who are required to apply BYOK encryption upon the cloud migration, the Atlassian BYOK encryption program will enable your own key space for encrypting and decrypting data at-rest. This gives you, our valued customers, greater control and therefore greater comfort in meeting your required compliance or security posture.

 

To get started with Jira Software BYOK encryption, please reach out to your account representative.

 

Beyond the initial general availability scope, our team is committed to furthering our BYOK journey and providing more data protection values to our customers. We encourage you to share your BYOK security guidelines with us, so we can consider them in our future roadmap.

 

I’m including a few most frequently asked questions below. To learn more, please check out our documentation on BYOK encryption. If your questions are not covered, please don’t hesitate to comment below.

 

Cheers

Hui

=======

Most Frequently Asked Questions:

  1. What are the changes since the launch of its Early Adoption Program (EAP)? see our previous post on the EAP
    • 24/7 on-call service is available.
    • BYOK-enabled Jira products are brought under Atlassian’s Service Level Agreement
    • The platform reliability and incident handling including revocation are up-leveled.
    • Customers can self-serve checking the provisioning status of their BYOK sites through admin.atlassian.com. (see screenshot below)image-20231030-160839.png 

  1. What data is managed with BYOK encryption?

We are committed to continuously expanding the BYOK coverage in relation to data and products. Learn what data is managed with BYOK encryption.

 

  1. Is there a plan to offer BYOK capability beyond the Cloud Enterprise plan?

At this time BYOK encryption is only offered through the Cloud Enterprise and Cloud Enterprise trial plans due to the complexity of supporting this program. We are researching and exploring the possibilities of extending the offering in the future. You may watch this ticket for future updates: CLOUD-11064 

 

  1. Does Atlassian have the login access to my AWS console that is used to manage keys?

No. Atlassian does not have access to your AWS Console. Our BYOK function relies on the cross-account Identity and Access Management (IAM) with only API-level access into certain Key Management Service (KMS) operations that are granted by your admin. Each and every access initiated by Atlassian is recorded in the CloudTrail that you have access to.

It’s worth noting that with our current key model, the BYOK encryption will request new key creation when needed, in addition to performing encryption and decryption. This is to maintain the same least-privilege principle and data segregation security measures that are implemented in Atlassian systems. We are actively working on shielding our customers from this complexity.

 

  1. Will non-AWS key stores be supported?

It is included in our future horizon to support customer keys beyond AWS.

 

  1. Is Confluence EAP still open for signups?

Yes! Please reach out to your account representative to initiate the process.

 

 

Comment
Watch
Like # people like this
1884 views

5 comments

Comment

Log in or Sign up to comment
Bhanu
Bhanu
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 31, 2023

I love how Atlassian is taking the products to the next level with the new features. This will be a game changer!

Like # people like this
Vish Reddy {Revyz}
Vish Reddy {Revyz}
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
October 31, 2023

Awesome! congratulations on the GA! @Hui Ren 

Like # people like this
Amar Khot
Amar Khot
Contributor
November 1, 2023

Hi Team

Thank the team for the BYOK feature release and appreciate providing detailed, easy-to-understand guidelines.

Looking forward to having this available for the whole of Atlassian products.

Like # people like this
Rebekka Heilmann _viadee_
Rebekka Heilmann _viadee_
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
January 5, 2024

I've not found any definite information on whether JSM Data is included in BYOK?

Can you shed some light on it and maybe add it to the BYOK FAQ?

Like
Amar Khot
Amar Khot
Contributor
January 5, 2024

@Rebekka Heilmann _viadee_ 

Data managed with BYOK encryption | Atlassian Support

Check the table, it is part of the Jira Family section.

I hope it helps 

Like Rebekka Heilmann _viadee_ likes this
Hui Ren

Hui Ren

Atlassian Team
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.

About this author

Principal Product Manager, Enterprise Encryption (Atlassian)

5 total posts

View profile
groups-icon
Trust & Security
TAGS
AUG Leaders

Atlassian Community Events

    See all events