Learn about security solutions and standards
Care about security? We do too. Learn what Atlassian does and what you can do too.
BYOK limitations
BYOK encryption for Jira Software is available to all customers with Enterprise plans.
BYOK encryption for Confluence is available through an early access program (EAP) to a number of customers with Enterprise plans. If you're interested in participating in the EAP reach out to your Enterprise account representative.
Data residency
All customer-managed keys must live within the same data residency location. Currently, we are only supporting BYOK encryption in Europe and USA locations. Once you've provisioned BYOK encryption, you can't migrate the data between locations. Learn about data residency
Number of BYOK configurations
You can create only one BYOK encryption (configuration) per organization.
New product is required
Currently you can't add BYOK to an existing product. Once you’ve set up your AWS account and created an IAM role, you need to contact us so we can create the BYOK-enabled product for you.
If you want to add a BYOK product to your site after you've enabled BYOK for another product, you need to reach out to your Atlassian Enterprise account representative to add the product to your site. If you add the product directly, it will not be BYOK-enabled.
Atlassian Analytics
Atlassian Analytics can't access data from BYOK-enabled products.
Sprint burndown insight
For the first couple of months after EAP rollout, sprint burndown insight is not available for BYOK via the right navigation menu on the Jira issue view. The functionality of the sprint burndown chart is still accessible from the reports menu, but the performance isn’t as good as the insight chart. Learn more about Sprint burnout insight
Jira product family
Enabling BYOK encryption for a Jira product, e.g. Jira Software, will also encrypt common aspects of other Jira products on the same site, e.g. Jira Service Management.
Learn about the Jira family of products
Was this helpful?