Client requirements got me boggled

Thomas Burke October 21, 2020

Our client will work with us  if  we can supply them with the answers to these questions which I could answer as an on-premise system admin but I am at a loss as a new cloud Bitbucket admin.

 

I can glean some from this site Atlassiaion provided however the  hardware specific questions that may be addressed by the  one of those links ( minus one link that does into work regarding Virginia, datacenter security measures is a page that cannot be accessed so in the dark what precautions Atlassian is taking with BB cloud which actually be nice to see....

https://www.nttdatacenterservices.com/i/756504-data-center-physical-security-white-paper/1

The other links I know already I can gleam that do not answer specifics.

You community help is much appreciated to the cloud novice.

1, 3, 4 are the ones I cannot answer.

 

The access control related questions 

  1. Can we setup time out feature, like access restricted after some idle time?
    1. This is currently being assessed with our cloud providers. Beyond Limits monitors logs of usage and access. 
  2. Can we set up notices of past login time, number of attempts with the log-on failure?  
  3. Can we set up access granted time windows restricting user access to the cloud system? 
  4. Can we add other cyber security features such as firewall and IPS, upon requested? 

2 comments

Thomas Burke October 22, 2020

no idea eh? seem par for the course on the Atlassian cloud product line.  :- D

Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 28, 2020

Hi Thomas,

1. Can we setup time out feature, like access restricted after some idle time?
This is currently being assessed with our cloud providers. Beyond Limits monitors logs of usage and access.

If you have verified a domain for an organization and have managed accounts, then it is possible to set Idle session duration (users will get logged out after being idle for the duration you specify):

This will apply only to accounts managed by your Org and it won't affect mobile sessions. Please note that this setting will affect also JIRA and Confluence Cloud accounts as well.

2. Can we set up notices of past login time, number of attempts with the log-on failure?

I am not sure I understand the question. Would you like to show to the user a message with the number of failed attempts, if log in fails?

3. Can we set up access granted time windows restricting user access to the cloud system?

If I understand correctly, you'd like to specify a time frame that users can access a Bitbucket Cloud workspace, and for the workspace to be inaccessible the rest of the time?

I'm afraid this is not possible at the moment. I can most certainly open a feature request if you'd be interested in that, just let me know.

4. Can we add other cyber security features such as firewall and IPS, upon requested?

I'm afraid that this is not possible.

Some security features available in Bitbucket Cloud are:

IP Whitelisting: restrict access to a workspace's repos only from certain IP addresses

Require two-step verification: require that users can only access a workspace's repos if they have enabled 2FA in their Bitbucket Cloud account

These features are available in workspaces with Premium plan and documented here:

Please feel free to let me know if you have any other questions.

Kind regards,
Theodora

Comment

Log in or Sign up to comment
TAGS
AUG Leaders

Atlassian Community Events