Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Marketplace Apps Available Once Atlassian achieves FedRAMP?

Dontrell Murray
Dontrell Murray April 18, 2023

Once Atlassian achieves its FedRAMP certification what marketplace apps will be available in the public sector cloud? Will all the apps currently available still be accessible or will each marketplace app also have to obtain a separate FedRAMP certification?  We have plans to move to the public sector cloud once FedRAMP certification is achieved but also need to be able to continue to use several of the marketplace apps for Jira.

Comment
Watch
Like # people like this
1708 views

2 comments

Comment

Log in or Sign up to comment
Jordan Hauser
Jordan Hauser April 18, 2023

I do not have info on this, but would like to link this to another thread that is similar. I would also like to know the answer to this question.

https://community.atlassian.com/t5/Trust-Security-discussions/JIRA-Cloud-BitBucket-ITAR-NIST-800-171-Compliance/td-p/1396751?utm_campaign=&utm_content=post&utm_medium=email&utm_source=atlcomm#M662

-Jordan

Like Dontrell Murray likes this
Reply
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
April 18, 2023

Welcome to the Atlassian Community!

My understanding is that because the apps are not provided by Atlassian, they will need to get their own certifications. 

At the moment, there's no point - they run on top of a non-certified platform, so they can't be certified until after Atlassian is.

Like # people like this
Reply
Dontrell Murray
Dontrell Murray April 18, 2023

Thanks for your response.  I definitely understand that there isn't much point to having the certification until after Atlassian gets certified but my concern is that the FedRAMP certification process is extremely lengthy and the vendors that I've spoken with that offer a Jira plugin version of their application do not even have FedRAMP on their roadmap.  So if the tools we currently use within Jira are not FedRAMP certified it would delay the timeline that we could move to the public sector which opens a different can of worms for us in terms of future planning.

Like Nic Brough -Adaptavist- likes this
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
April 18, 2023

I agree with you, it disappoints me to think vendors are not even looking at the process.  It does not make a lot of sense to me for a vendor to be thinking "we'll start our compliance journey when the platform we build for gets their certification".

But I understand that we can be a bit stuck.  There's no point applying until we can say "the underlying platform complies"; we're bound by the process.  But we can design and code for it, so we can start the process the day Atlassian gets their certification, or even apply now for something with "this is only valid after the platform gets it too"

Like # people like this
groups-icon
Trust & Security
TAGS
AUG Leaders

Atlassian Community Events

    See all events