Skip to main content
4 keys to enhancing your Jira security
Share on socials

Keeping your data safe: 4 keys to enhanced Jira security

Charlie Courtney
Charlie Courtney
23rd February, 2024
Keeping your data safe: 4 keys to enhanced Jira security
Charlie Courtney
Charlie Courtney
23rd February, 2024
Quick links
Is Jira secure?
Keep your organisation safe from threats
4 ways to keep your Jira secure with Encryption for Jira
1. Encrypt your Jira attachments
2. Create and encrypt custom text fields
3. Use visibility settings for complete control over who sees what
4. Run regular checks to spot discrepancies and mitigate risks
Get started with Encryption for Jira

Explore how to use Encryption for Jira to fortify your data and get peace of mind knowing your sensitive fields and attachments are safe.

You're using Jira to manage your organisation's projects and workflows.
Everything appears to be going swimmingly. You have great people and a great team, all using the platform to work collaboratively towards common, unified goals. You have clear objectives, and your plans and priorities are all aligned to help you achieve success.
However, something still doesn't feel quite right. There's still a nagging question in the back of your mind.

Is Jira secure?

Like a shark lurking beneath the shallows, the threat of data breaches is constantly there, waiting for the opportunity to strike.

So how can you ensure ultimate, impenetrable Jira security?

That's where Encryption for Jira comes in. With Encryption for Jira, you can rest assured knowing your most sensitive data, fields and attachments are kept under lock and key, safe from prying eyes and breaches.

In this post, we explore how to use Encryption for Jira to start fortifying your data, by giving you the four keys to ultimate, enhanced Jira security, so you have peace of mind knowing your sensitive fields and attachments are safe.

Keep your organisation safe from threats

Despite the number of advanced tools developed to help combat cyber criminals and cyber attacks, data breaches remain a common threat across industries.

One of the key reasons? So often it's down to simple human error. While there is a continued need for organisations to be vigilant and guarded against external threats, it's equally important to ensure protection from within.

The global shift towards remote and flexible working, for example, has meant the way data is handled, and managing access across your company's ecosystem, is now more complex than ever. Equally, the tactics employed by those externally who are trying to gain unauthorised access to your information, are becoming harder and harder to detect, and often prey on your employees' goodwill and vulnerability (think phishing emails, for example).

So you see, it's not just your data you need to protect. It's your people too.

That's where Encryption for Jira comes in

For organisations using Jira, let's refer back to the initial question - “Is Jira secure?"

The answer, to an extent, is yes.

Jira's native permission settings protect your information from unwanted access on the front end. However, your backend file systems and databases may still be at risk.

With Encryption for Jira, you can ensure your data is securely encrypted, making it significantly more difficult for unwanted users to access.

Let's look at Encryption for Jira in action, and examine the four keys to ultimate Jira security.

4 ways to keep your Jira secure with Encryption for Jira

After installing Encryption for Jira, you can immediately start boosting the security measures in place on your Jira instance.
Here's how it can help:

1. Encrypt your Jira attachments

If you're managing project information and data in Jira, it's highly likely you’ll have sensitive screenshots, documents or reports saved as attachments.

Using Encryption for Jira, you can encrypt all your attachments, ensuring that only those with the right permissions have access to the data via Jira.

To encrypt your attachments, begin by selecting which of your projects in Jira should have their attachments encrypted.
encrypting attachments button
Next:
  1. Select Add-ons from the Jira Administration menu.
  2. Select Configuration under Encryption for Jira in the left sidebar.
  3. Select Encrypting attachments from the progress bar.
From here, you can choose to encrypt all attachments in your Jira instance, or encrypt attachments only for selected projects.
encrypt attachments in Jira projects toggle
To encrypt attachments in selected projects, choose the projects field and select the check boxes for all the projects you wish to encrypt. You can use the search bar to find the specific projects you want.

Once you've picked your projects and are happy with your choices, hit ‘Save and continue'.

And just like that, your chosen attachments for your projects are safely encrypted.

The attachments and custom fields in encrypted projects will never be visible to anyone in the database (they will be visible to all with access to the project in the front end). Only those with access to the encrypting keys can de-encrypt the projects and then see the attachments from the database.

Easy right? Let's look at the next key to supercharging your Jira security.

2. Create and encrypt custom text fields

If you're using Jira to store sensitive information (for example, salaries, client data, financial records etc.) then encrypted fields is the feature for you.

By encrypting your own custom text fields, you have complete control over how your sensitive data is stored. You can create three types of custom fields specifically for encryption:
  1. Single line text field.
  2. Multi-line encrypted text field.
  3. Encrypted password field.
Once you have created these fields, you can set the permissions using the visibility restrictions in Encryption for Jira (more on that later).

As with attachments, your custom fields will always be encrypted in the database. Once you have created these fields, you can use the visibility restrictions in Encryption for Jira (more on that later) to select the visibility permissions for those custom fields on the front end.
How to create custom fields for encryption
Creating a new custom field for encryption purposes is performed in the same way as any other custom fields in Jira.

These custom fields are text and password-type fields, and you can find them in the Jira Administration menu under Issues.
1. Select Issues from the Jira Administration menu.
2. Select Custom Fields under Fields in the left sidebar.
3. Click Add Custom Field, then select one of the encrypted field types, for example, Encrypted Text Field (single line).
encrypted text field option
4. Enter a name and description for the custom field.
naming your custom field
5. Select Next.
6. Choose whether to apply the field to all issues in your instance or just ones in specified projects. It's recommended to choose selected projects to reduce the impact on indexing time.
configure your project encryption
7. Select Create.
8. Choose the Jira screen(s) where you want to use this newly created Encrypted Text Field using the corresponding screen Select checkboxes, then click Update.
update Jira with new custom fields
Once created, the value of the text field is encrypted within the Jira database.

3. Use visibility settings for complete control over who sees what

So you've created and encrypted your customs fields, but you don't want people to go in and start meddling with what you've just created, even if it's by accident!

To prevent such an occurrence, use Encryption for Jira's visibility settings to restrict access to custom fields and attachments, making sure only those who need to see this information can do so.

By managing your permissions and granting restricted access to specific users, you can protect custom fields and attachments, and hide sensitive information (e.g. client data) while still making the issue available for sharing.

The best part, it's so easy! It's simply a case of toggle control.

As shown below, when the toggles are green, users can see the attachments or encrypted custom fields. When you switch the toggle off, only users with access permissions will be able to see attachments and encrypted custom fields.
toggle attachment visibility
With the click of a toggle, you've just added another layer of protection to your Jira security.

4. Run regular checks to spot discrepancies and mitigate risks

Just like taking your car in for a regular service helps prevent the risk of breakdown, running regular checks on your Jira security will help you identify risks to your data, and ensure everything is working as it should be.

Using Encryption for Jira's ‘Cron Configuration' feature, you can easily schedule a background task to verify that all attachments associated with your projects are encrypted or decrypted according to your project-level encryption options. If any discrepancies are found, it automatically applies the correct encryption or decryption setting to the attachments.

To schedule the encryption task:
  1. Select Manage Apps from the Jira Administration menu.
  2. Click Cron Configuration under Encryption for Jira in the left sidebar.
  3. Click the Enable Cron checkbox.
  4. Select the day and time you wish to run the task.
  5. Click Save. The schedule is saved until you change it. To disable the task at any time, deselect the Enable Cron checkbox.
verify your encryption is working

You've seen Encryption for Jira in action, now try it for yourself!

Encryption for Jira is a game-changer when it comes to fortifying your Jira security.

Protecting your attachments and custom fields, controlling access, and ensuring compliance equips your organisation with the tools needed to keep your sensitive data safe.

Whether you're a small team or a large enterprise, Encryption for Jira offers peace of mind in an increasingly data-driven world. Secure your Jira data and stay ahead of the curve with Encryption for Jira.

Install today from the Atlassian Marketplace, and start taking your Jira security to the next level.

Ready to improve your Jira security with Encryption for Jira?

Start your free 30-day trial of Encryption for Jira by installing the app from the Atlassian Marketplace.
Written by
Charlie Courtney
Charlie Courtney
Senior Content Marketing Manager
Charlie is the Senior Content Marketing Manager at Upscale, and has worked in B2B/B2C marketing for nearly a decade. Charlie is responsible for crafting integrated content marketing campaigns that elevate our products, champion our brand, and create memorable experiences for our customers.
Atlassian