Care about security? We do too. Learn what Atlassian does and what you can do too.
Use a data security policy to control how your organization’s data is shared with users and apps. What is a data security policy?
To set up a data security policy, you need to:
Create a policy
Choose what data to cover
Configure the policy rules
Activate the policy
1. Create a policy
To create a new data security policy:
Select Create policy and give the policy a name.
You now have an empty policy. Next, you need to add policy coverage and rules.
2. Choose what data to cover
The option to cover specific spaces and projects is only available through our Early Access Program (EAP).
To choose what data to cover:
From your policy, select Add coverage.
(EAP only) Choose whether to cover entire Products or specific Spaces and projects. This can’t be changed once saved.
Select the data you want to cover, then select Next. You can change this selection at any time.
Review the coverage then select Save.
3. Apply rules and activate the policy
Only rules that are available for the coverage you selected will appear in your policy. Rules are set to allow by default, and must be configured. Manage data security policy rules
To configure a policy rule:
From your policy, select the policy rule you want to configure.
Follow the prompts to configure the rule then select Save.
If a rule is configured to block an action, it be indicated under the rule name. In the example below the Data Export rule is configured to block exports, and the Public links rule is not configured, which means public links are allowed.
4. Activate the policy
Before activating a policy, we recommend you communicate the impact to your end users.
To activate the policy:
From your policy, select Activate policy.
It may take a few moments for rules to be enforced on the selected spaces or products.