Learn about security solutions and standards
Care about security? We do too. Learn what Atlassian does and what you can do too.
BYOK encryption for Jira Software is available to all customers with Enterprise plans.
BYOK encryption for Confluence is available through an early access program (EAP) to a number of customers with Enterprise plans. If you're interested in participating in the EAP reach out to your Enterprise account representative.
Bring Your Own Key (BYOK) encryption lets you encrypt Jira Software product data with keys hosted in your external AWS account. If you're participating in the Confluence EAP, you can also encrypt Confluence product data.
Learn what product data can be managed with BYOK
The encryption keys are provisioned and managed in AWS Key Management Service (KMS).
BYOK encryption gives you:
Added security for sensitive data. By hosting your own encryption keys, you manage and control the keys at all times.
Increased control over access to data. Revoking access to the keys suspends access to all your products. With the ability to revoke access to encryption keys at any time, you can reduce risk of unauthorized access.
Visibility into account activity across your AWS infrastructure. Record activity and access audit logs using AWS CloudTrail.
If you don’t use BYOK encryption, your data is encrypted using Atlassian-managed keys.
The keys are provisioned and managed in the customers’ own AWS accounts.
Atlassian generates keys in an Atlassian-owned AWS account, and the keys are shared among customers.
To use our BYOK encryption for Jira Software, you need a Cloud Enterprise or a Cloud Enterprise trial subscription.
To use our BYOK encryption for Confluence, you also need to participate in the Early Access Program (EAP).
You first need to set up an AWS account and create an IAM role.
Next, contact your Enterprise account representative and provide us with information such as your AWS account ID, where you want to host your product data, and the products you want to encrypt using BYOK. We’ll set up BYOK encryption for you and add BYOK-encrypted products to your Enterprise plan. Learn how to set up BYOK encryption
Was this helpful?