• Documentation

Security settings in a mobile app policy

You can set up different security policies to meet the security needs of specific Atlassian mobile apps.
A mobile app policy allows you to apply security settings to all or some mobile apps at a time. You can also apply the policy to all users in your organization or a subset of managed accounts.

To apply different security settings to all or some of mobile apps, you can create or edit a mobile app policy.

Who can do this?
Role: Organization admin
Plan: Atlassian Guard Standard

Mobile app policy security settings apply to Jira Cloud, Confluence Cloud, and Opsgenie mobile apps for iOS and Android.  What end users experience when you create a policy

Security setting

How it works

Apply policy to

All users in the organization

Your policy applies to all users – both managed and external users – within your organization, including any new users you added after you create the policy. These users have access to your organization’s products.

Subset of managed accounts

Your policy only applies to the users you select. These users must be managed accounts.

App data protection

Block third-party keyboards (iOS only)

Users are unable to use third-party software keyboards.

You’re able to block third-party software keyboards on iOS devices from your mobile app policy. This prevents potential data leakage or unauthorized access to your organization’s Atlassian product data.

Block screenshots and screen recording

This setting applies to Android only.

  • Users cannot take a screenshot of your content while the mobile app is open.

  • Users blocked from using the mobile app if they turn on screen recording.

Prevent cutting or copying data from the mobile app

Users cannot cut or copy data from the mobile app.

Prevent users from sharing, saving or backing up data to their devices

Users cannot perform actions that would allow content to be:

  • Backed up to iCloud or Google Cloud.

  • saved to external storage (for example: SD card).

  • Shared with any other apps.

App access requirement

Allow access from any IP address

Allow access to data in Jira and Confluence apps from any IP address. When you select the Allow access setting you bypass your allowlist

The mobile app runs a series of checks to verify the authenticity of the app to ensure it was downloaded from a genuine app store and is not modified.

Note: We encourage administrators to also enable Block compromised devices when using this setting to enable device integrity checks.

Block compromised (jailbroken or rooted) devices

The mobile app runs a series of checks to verify the integrity of the device. If it is compromised, users are prevented from accessing your organization's data within the app.

Android devices require Hardware-backed Keystore to access the content.

Atlassian reviews and updates the checks regularly to address new device exploits.

Require data encryption

iOS devices and most newer Android devices are encrypted by default.

Users of older devices must enable encryption. If the device cannot be encrypted, they will not be able to use the mobile app on that device.

Require biometric authentication or a device passcode

Users must have a passcode/Face ID/Touch ID (for iOS) or screen lock (Android) enabled on their device.

Users need to authenticate when they open the mobile app and if the mobile app has been in the background for more than 2 minutes.

Set minimum OS version

Require minimum OS version (or higher) on the user device.

Supported versions:

  • iOS: 16 to 18

  • Android: 8.0 to 15

 

Still need help?

The Atlassian Community is here for you.