Confidential Fields with Data Residency for Jira: Who benefits from this Cloud data security app?

As we announced in a previous post, we have a Jira Cloud app fresh off the press: Confidential Fields with Data Residency for Jira. This post covers the different use cases, especially in Jira Cloud.

We built this app to establish Jira security best practices and resolve typical problems and requirements that companies face when using Jira Cloud (or considering moving to Jira Cloud):

Confidential Fields that fulfill regulatory requirements for Jira Cloud Data Security

Do you need to follow legal regulations by storing data in a secure database located in a specific region? Currently, we offer Jira Data Residency in our app. We will constantly add more hosting options according to your requirements.

Confidential Fields with Data Residency for Jira will also help you protect sensitive data from customers and employees alike, which is also a regulatory requirement.

How to restrict view or edit access to sensitive data on Jira

Data residency on Atlassian has been a tricky subject since day one. Do you have a hard time bringing (potentially) sensitive data to Jira Cloud because the data privacy officer strongly advises against it? The data would be beneficial to the workflow of users with specific roles, while standard users should not see it on Jira? This is where Confidential Fields come into play.

Custom fields vs. Confidential Fields: “Custom fields” are the built-in solution for company-specific Jira data. The app Confidential Fields for Jira Cloud offers an additional layer of security with its Confidential Fields. If you store your sensitive data in the app’s built-in Confidential Fields instead of the standard custom fields, you can apply specific view and edit permissions to each field. Permissions can be based on project role, group membership, or assignee, to name just a few. Read how to set up Confidential Fields. Furthermore, the data in Confidential Fields is heavily encrypted (read all about this below ⬇️) and follows Jira security best practices.

🧑‍💼👩🏽‍🏭 Confidential Fields for companies in any industry

Companies of all sizes and in any industry handle sensitive data, namely the HR data of their employees. Examples include their private phone number, salary, bank details, birthdays, and confidential notes on their health, to name just a few – in fact, any HR information might be considered confidential. Using Confidential Fields with Data Residency for Jira for their data, companies can tick the following boxes:

• Keep data secure in Cloud: If the data is stored in a Confidential Field, it is not accessible to anyone without viewing permission. This prevents sensitive data from unauthorized access.

• Comply with regulations in heavily regulated industries: Many data privacy laws require companies to protect their employees’ personal information (among others). Storing sensitive data in a custom field helps to ensure that the data is properly protected and that the company is compliant with all relevant regulations.

• Avoid data breaches: If sensitive HR data is stored in Confidential Fields, it will be next to impossible for unauthorized individuals to access it. The data is encrypted and can only be decrypted by users in possession of the secret key & initialization vector per field.
  📖 Read all about the encryption in the Confidential Fields documentation.

• Avoid data loss: If the data is stored in a Confidential Field with restricted access on Jira, it is less likely to be lost or accidentally deleted. This is important for sensitive data that must be kept safe and secure.

🏦 👨🏼‍💼 Confidential Fields for banks, the insurance industry, and other highly regulated industries

The points mentioned above are relevant to any industry when it comes to practicing Jira security best practices. For banks and the insurance industry (among others), there are even stricter regulations. Here’s how they can profit from using the Confidential Fields app for data security in Cloud:

• Comply with data security regulations: Banks must store sensitive customer data to comply with banking regulations like anti-money laundering. This data includes customer names, addresses, phone numbers, account numbers, and social security numbers. By storing this data in Confidential Fields in Jira, banks can ensure that it is properly secured and only accessible to authorized personnel.
• Establish trust: Customers are generally happier knowing their sensitive data is safeguarded properly. This can help to build trust and loyalty between a bank or insurance company and its customers.
• Prevent fraud: Confidential Fields protect the customer’s identity and financial information. Since unauthorized individuals cannot access the data within Confidential Fields, they cannot use it for fraud.
• Improve customer service: Since the data within Confidential Fields is easily accessible to customer service representatives with the right permission, they can use it to resolve customer issues more efficiently.

🏥 👩🏾‍⚕️ Confidential Fields for the healthcare sector

Confidential Fields are important in the healthcare sector because they provide a way to safely organize and store sensitive patient data. Patient information can include medical history, diagnoses, medications, insurance information, and more. Using Confidential Fields with Data Residency for Jira, you can make sure that only authorized personnel can view and edit this highly sensitive data while conforming to Atlassian’s HIPAA compliance.

Managing patient information in Confidential Fields efficiently can also help reduce costs and improve patient outcomes. Furthermore, today’s patients are very aware of data security. By storing and handling their health records in Confidential Fields, you are more likely to gain their trust.

Your Confidential Fields use case is not covered? Let us know!

Confidential Fields with Jira Data Residency is a new app by bitvoodoo, made with Cloud data security and Jira security best practices in mind, and we’d love to have your thoughts about it.

Do you want to store encrypted data in your own database? Do you need a different data location? We are very willing to make this happen in the future.

Please contact our support and let us know your exact requirements!

We have also created an Atlassian Community post on the subject of managing sensitive data in the cloud.