4 keys to enhancing your Jira security
Share on socials
Keeping your data safe: 4 keys to enhanced Jira security
Charlie Courtney
23 February 2024
9 min read
Charlie Courtney
23 February 2024
9 min read
Jump to Section
Jump to section
Is Jira secure?
Keep your organisation safe from threats
4 ways to keep your Jira secure with Encryption for Jira
1. Encrypt your Jira attachments
2. Create and encrypt custom text fields
3. Use visibility settings for complete control over who sees what
4. Run regular checks to spot discrepancies and mitigate risks
Get started with Encryption for Jira
Explore how to use Encryption for Jira to fortify your data and get peace of mind knowing your sensitive fields and attachments are safe.
You're using Jira to manage your organisation's projects and workflows.
Everything appears to be going swimmingly. You have great people and a great team, all using the platform to work collaboratively towards common, unified goals. You have clear objectives, and your plans and priorities are all aligned to help you achieve success.
However, something still doesn't feel quite right. There's still a nagging question in the back of your mind.
Is Jira secure?
Like a shark lurking beneath the shallows, the threat of data breaches is constantly there, waiting for the opportunity to strike.
So how can you ensure ultimate, impenetrable Jira security?
That's where Encryption for Jira comes in. With Encryption for Jira, you can rest assured knowing your most sensitive data, fields and attachments are kept under lock and key, safe from prying eyes and breaches.
In this post, we explore how to use Encryption for Jira to start fortifying your data, by giving you the four keys to ultimate, enhanced Jira security, so you have peace of mind knowing your sensitive fields and attachments are safe.
So how can you ensure ultimate, impenetrable Jira security?
That's where Encryption for Jira comes in. With Encryption for Jira, you can rest assured knowing your most sensitive data, fields and attachments are kept under lock and key, safe from prying eyes and breaches.
In this post, we explore how to use Encryption for Jira to start fortifying your data, by giving you the four keys to ultimate, enhanced Jira security, so you have peace of mind knowing your sensitive fields and attachments are safe.
Keep your organisation safe from threats
Despite the number of advanced tools developed to help combat cyber criminals and cyber attacks, data breaches remain a common threat across industries.
One of the key reasons? So often it's down to simple human error. While there is a continued need for organisations to be vigilant and guarded against external threats, it's equally important to ensure protection from within.
The global shift towards remote and flexible working, for example, has meant the way data is handled, and managing access across your company's ecosystem, is now more complex than ever. Equally, the tactics employed by those externally who are trying to gain unauthorised access to your information, are becoming harder and harder to detect, and often prey on your employees' goodwill and vulnerability (think phishing emails, for example).
So you see, it's not just your data you need to protect. It's your people too.
One of the key reasons? So often it's down to simple human error. While there is a continued need for organisations to be vigilant and guarded against external threats, it's equally important to ensure protection from within.
The global shift towards remote and flexible working, for example, has meant the way data is handled, and managing access across your company's ecosystem, is now more complex than ever. Equally, the tactics employed by those externally who are trying to gain unauthorised access to your information, are becoming harder and harder to detect, and often prey on your employees' goodwill and vulnerability (think phishing emails, for example).
So you see, it's not just your data you need to protect. It's your people too.
That's where Encryption for Jira comes in
For organisations using Jira, let's refer back to the initial question - “Is Jira secure?"
The answer, to an extent, is yes.
Jira's native permission settings protect your information from unwanted access on the front end. However, your backend file systems and databases may still be at risk.
With Encryption for Jira, you can ensure your data is securely encrypted, making it significantly more difficult for unwanted users to access.
Let's look at Encryption for Jira in action, and examine the four keys to ultimate Jira security.
The answer, to an extent, is yes.
Jira's native permission settings protect your information from unwanted access on the front end. However, your backend file systems and databases may still be at risk.
With Encryption for Jira, you can ensure your data is securely encrypted, making it significantly more difficult for unwanted users to access.
Let's look at Encryption for Jira in action, and examine the four keys to ultimate Jira security.
4 ways to keep your Jira secure with Encryption for Jira
After installing Encryption for Jira, you can immediately start boosting the security measures in place on your Jira instance.
Here's how it can help:
Here's how it can help:
1. Encrypt your Jira attachments
If you're managing project information and data in Jira, it's highly likely you’ll have sensitive screenshots, documents or reports saved as attachments.
Using Encryption for Jira, you can encrypt all your attachments, ensuring that only those with the right permissions have access to the data via Jira.
To encrypt your attachments, begin by selecting which of your projects in Jira should have their attachments encrypted.
Using Encryption for Jira, you can encrypt all your attachments, ensuring that only those with the right permissions have access to the data via Jira.
To encrypt your attachments, begin by selecting which of your projects in Jira should have their attachments encrypted.
Next:
- Select 'Add-ons' from the Jira Administration menu.
- Select 'Configuration' under Encryption for Jira in the left sidebar.
- Select 'Encrypting attachments' from the progress bar.
From here, you can choose to encrypt all attachments in your Jira instance, or encrypt attachments only for selected projects.
To encrypt attachments in selected projects, choose the projects field and select the check boxes for all the projects you wish to encrypt. You can use the search bar to find the specific projects you want.
Once you've picked your projects and are happy with your choices, hit ‘Save and continue'.
And just like that, your chosen attachments for your projects are safely encrypted.
The attachments and custom fields in encrypted projects will never be visible to anyone in the database (they will be visible to all with access to the project in the front end). Only those with access to the encrypting keys can de-encrypt the projects and then see the attachments from the database.
Easy right? Let's look at the next key to supercharging your Jira security.
Once you've picked your projects and are happy with your choices, hit ‘Save and continue'.
And just like that, your chosen attachments for your projects are safely encrypted.
The attachments and custom fields in encrypted projects will never be visible to anyone in the database (they will be visible to all with access to the project in the front end). Only those with access to the encrypting keys can de-encrypt the projects and then see the attachments from the database.
Easy right? Let's look at the next key to supercharging your Jira security.
2. Create and encrypt custom text fields
If you're using Jira to store sensitive information (for example, salaries, client data, financial records etc.) then encrypted fields is the feature for you.
By encrypting your own custom text fields, you have complete control over how your sensitive data is stored. You can create three types of custom fields specifically for encryption:
By encrypting your own custom text fields, you have complete control over how your sensitive data is stored. You can create three types of custom fields specifically for encryption:
- Single line text field.
- Multi-line encrypted text field.
- Encrypted password field.
As with attachments, your custom fields will always be encrypted in the database. Once you have created these fields, you can use the visibility restrictions in Encryption for Jira (more on that later) to select the visibility permissions for those custom fields on the front end.
How to create custom fields for encryption
Creating a new custom field for encryption purposes is performed in the same way as any other custom fields in Jira.
These custom fields are text and password-type fields, and you can find them in the Jira Administration menu under Issues.
These custom fields are text and password-type fields, and you can find them in the Jira Administration menu under Issues.
1. Select 'Issues' from the Jira Administration menu.
2. Select 'Custom Fields' under Fields in the left sidebar.
3. Click 'Add Custom Field', then select one of the encrypted field types, for example, 'Encrypted Text Field' (single line).
4. Enter a name and description for the custom field.
5. Select 'Next'.
6. Choose whether to apply the field to all issues in your instance or just ones in specified projects. It's recommended to choose selected projects to reduce the impact on indexing time.
7. Select 'Create'.
8. Choose the Jira screen(s) where you want to use this newly-created Encrypted Text Field using the corresponding screen 'Select' checkboxes, then click 'Update'.
Once created, the value of the text field is encrypted within the Jira database.
3. Use visibility settings for complete control over who sees what
So you've created and encrypted your customs fields, but you don't want people to go in and start meddling with what you've just created, even if it's by accident!
To prevent such an occurrence, use Encryption for Jira's visibility settings to restrict access to custom fields and attachments, making sure only those who need to see this information can do so.
By managing your permissions and granting restricted access to specific users, you can protect custom fields and attachments, and hide sensitive information (e.g. client data) while still making the issue available for sharing.
The best part, it's so easy! It's simply a case of toggle control.
As shown below, when the toggles are green, users can see the attachments or encrypted custom fields. When you switch the toggle off, only users with access permissions will be able to see attachments and encrypted custom fields.
To prevent such an occurrence, use Encryption for Jira's visibility settings to restrict access to custom fields and attachments, making sure only those who need to see this information can do so.
By managing your permissions and granting restricted access to specific users, you can protect custom fields and attachments, and hide sensitive information (e.g. client data) while still making the issue available for sharing.
The best part, it's so easy! It's simply a case of toggle control.
As shown below, when the toggles are green, users can see the attachments or encrypted custom fields. When you switch the toggle off, only users with access permissions will be able to see attachments and encrypted custom fields.
With the click of a toggle, you've just added another layer of protection to your Jira security.
4. Run regular checks to spot discrepancies and mitigate risks
Just like taking your car in for a regular service helps prevent the risk of breakdown, running regular checks on your Jira security will help you identify risks to your data, and ensure everything is working as it should be.
Using Encryption for Jira's ‘Cron Configuration' feature, you can easily schedule a background task to verify that all attachments associated with your projects are encrypted or decrypted according to your project-level encryption options. If any discrepancies are found, it automatically applies the correct encryption or decryption setting to the attachments.
To schedule the encryption task:
Using Encryption for Jira's ‘Cron Configuration' feature, you can easily schedule a background task to verify that all attachments associated with your projects are encrypted or decrypted according to your project-level encryption options. If any discrepancies are found, it automatically applies the correct encryption or decryption setting to the attachments.
To schedule the encryption task:
- Select 'Manage Apps' from the Jira Administration menu.
- Click 'Cron Configuration' under Encryption for Jira in the left sidebar.
- Click the 'Enable Cron' checkbox.
- Select the day and time you wish to run the task.
- Click 'Save'. The schedule is saved until you change it. To disable the task at any time, deselect the Enable Cron checkbox.
You've seen Encryption for Jira in action, now try it for yourself!
Encryption for Jira is a game-changer when it comes to fortifying your Jira security.
Protecting your attachments and custom fields, controlling access, and ensuring compliance equips your organisation with the tools needed to keep your sensitive data safe.
Whether you're a small team or a large enterprise, Encryption for Jira offers peace of mind in an increasingly data-driven world. Secure your Jira data and stay ahead of the curve with Encryption for Jira.
Protecting your attachments and custom fields, controlling access, and ensuring compliance equips your organisation with the tools needed to keep your sensitive data safe.
Whether you're a small team or a large enterprise, Encryption for Jira offers peace of mind in an increasingly data-driven world. Secure your Jira data and stay ahead of the curve with Encryption for Jira.
Ready to improve your Jira security with Encryption for Jira?
Start your free 30-day trial of Encryption for Jira by installing the app from the Atlassian Marketplace.
Related Content
Read moreWritten by
Charlie Courtney
Senior Content Marketing Manager
Charlie is the Senior Content Marketing Manager at Upscale, and has worked in B2B/B2C marketing for nearly a decade. Charlie is responsible for crafting integrated content marketing campaigns that elevate our products, champion our brand, and create memorable experiences for our customers.
Related Content
Read more