Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

JIRA Security

WAJDI ALZINATI
WAJDI ALZINATI July 23, 2020

Hello, 

In regards to Jira Compliance with security standards and certificates mentioned in following URL https://www.atlassian.com/trust/compliance

We would like to use or mention the compliance certificates in our company business profile in order to convince our customers about our systems security that we are using (JIRA Cloud) to process their requests.

So is it allowed to use these details in our business profile which will be definitely referenced to JIRA and clearly mentioned to be powered by atlassian.

 

Answer
Watch
Like Be the first to like this
615 views

1 answer

1 accepted

1 vote
Answer accepted
Daniel Eads
Daniel Eads
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
July 24, 2020

Hi @WAJDI ALZINATI ,

My first thought is that certification requirements vary by certificate. While some certifications require that your vendors (in this case, us - Atlassian) meet certain criteria such as being certified themselves, others don't. You need to examine this on a case-by-case basis for each certification you're trying to meet.

The second thought is that using a certain provider doesn't automatically mean that you've met compliance specifications. As an example, Jira Service Desk sends out emails. While Jira Service Desk itself might meet end-to-end encryption standards necessary for a particular certification, does your mail provider? If email notifications contain customer data and your mail provider doesn't use encryption at rest, you might not be meeting some certification guidelines.

That all being said, the information provided on the trust and compliance page can be used as a pointer when assessing an overall compliance standpoint. I would just recommend viewing it as something that supplements your own company's compliance program, rather than giving you automatic compliance.

Cheers,
Daniel

View More Comments
Matt Doar
Matt Doar
Community Champion
July 24, 2020

This is the documents about Atlassian compliance with certain standards I believe, not user certificates?

Like
WAJDI ALZINATI
WAJDI ALZINATI July 24, 2020

Agree with you , My question is related to JIRA cloud which is mentioned on atlassian Compliance and certificate , accordingly , it should be applied on our DATA processed by JIRA software.

in our case , We have a customers DATA stored and processed in JIRA SW and looking to mention for our customers that their data privacy should be secured.

Simply , is it allowed to present the details in Trust & Security page to explain the level of data privacy we have based on our based on our utilization for Atlassian products.

All these details will be clearly referenced to Atlassian for jira software only excluding any thing out of Jira cloud control such as Email service connected to JIRA or our internal policy etc...

As i understand that JIRA cloud is totally managed by atlassian with small part realted to user.

 

Thanks

Like
WAJDI ALZINATI
WAJDI ALZINATI July 24, 2020

Daniel Eads

Appreciated , totally clear.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
FREE
PERMISSIONS LEVEL
Product Admin
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.