Learn about security solutions and standards
Care about security? We do too. Learn what Atlassian does and what you can do too.
What is BYOK encryption for Atlassian products?
The BYOK encryption feature is available through an early access program (EAP) to a number of customers with Enterprise plans for Jira Software. If you are interested in participating in the EAP reach out to your account representative.
For any issues during this process, contact support. For any AWS-related questions, contact AWS support.
Bring Your Own Key (BYOK) encryption allows you to encrypt certain product data for Jira Software with keys hosted in your external AWS account. Learn what product data can be managed with BYOK
The encryption keys are provisioned and managed in AWS Key Management Service (KMS).
Benefits of our BYOK encryption
Added protection for your sensitive data via encryption keys that are dedicated to your organization and managed in customer-owned infrastructure.
Increased control over your sensitive data by revoking access to encryption keys.
Visibility into logs of access to encryption keys using AWS CloudTrail.
BYOK encryption vs Atlassian-managed encryption
If you don’t use BYOK encryption, your data is encrypted using Atlassian-managed keys.
BYOK encryption | Atlassian-managed encryption |
|---|---|
Atlassian requests keys to be provisioned in the customers’ own AWS accounts. | Keys generated by Atlassian in an Atlassian-owned AWS account, and shared among customers. |
Eligibility for BYOK encryption
To use our BYOK encryption, you’ll need to:
be a part of the early access program (EAP)
have a Cloud Enterprise or a Cloud Enterprise trial subscription
be able to set up a dedicated AWS account for Atlassian BYOK
Pricing may change when the feature becomes generally available.
Next steps
Was this helpful?