Learn about security solutions and standards
Care about security? We do too. Learn what Atlassian does and what you can do too.
Security settings in a mobile app policy
You can set up different security policies to meet the security needs of specific Atlassian mobile apps.
A mobile app policy allows you to apply security settings to all or some mobile apps at a time. You can also apply the policy to all users in your organization or a subset of managed accounts.
To apply different security settings to all or some of mobile apps, you can create or edit a mobile app policy.
Who can do this? |
Mobile app policy security settings apply to Jira Cloud, Confluence Cloud, and Opsgenie mobile apps for iOS and Android. What end users experience when you create a policy
Security setting | How it works |
|---|---|
Apply policy to | |
All users in the organization | Your policy applies to all users – both managed and external users – within your organization, including any new users that are added after the policy is created. These users have access to your organization’s products |
Subset of managed accounts | Your policy only applies to the users you select. These users must be managed accounts. |
App data protection | |
Disable sharing, saving or backing up content from the mobile app | Users cannot perform actions that would allow content to be:
|
Disable screenshots and screen recording of the mobile app |
|
Disable cutting or copying content from the mobile app | Users cannot cut or copy content from the mobile app. |
App access requirement | |
Block compromised devices | The mobile app runs a series of checks to verify the integrity of the device. If it is compromised, users are prevented from accessing your organization's content within the app. Android devices require Hardware-backed Keystore to access the content. Atlassian reviews and updates the checks regularly to address new device exploits. |
Block third-party keyboards on iOS | You’re able to block third-party software keyboards on iOS devices from your mobile app policy. This prevents potential data leakage or unauthorized access to your organization’s Atlassian product data.
|
Require data encryption | iOS devices and most newer Android devices are encrypted by default. Users of older devices must enable encryption. If the device cannot be encrypted, they will not be able to use the mobile app on that device. |
Require biometric authentication or a device passcode | Users must have a passcode/Face ID/Touch ID (for iOS) or screen lock (Android) enabled on their device. Users need to authenticate when they open the mobile app and if the mobile app has been in the background for more than 2 minutes. |
Require a minimum OS version | Require minimum OS version (or higher) on the user device. Supported versions are:
|
Allow access from Jira and Confluence mobile apps from any IP address | Allow access to content in Jira and Confluence apps from any IP address. When you select the Allow access setting you bypass your allowlist The mobile app runs a series of checks to verify the authenticity of the app to ensure it was downloaded from a genuine app store and is not modified. Note: We encourage administrators to also enable Block compromised devices when using this setting to enable device integrity checks. |
Was this helpful?
Still need help?
The Atlassian Community is here for you.