Security is always kept in the forefront of everything Atlassian does, from product development to managing its partnership ecosystem and app marketplace. They can directly decide what specific security measures get implemented in their own products, but with the cloud section of the Atlassian Marketplace getting ever more crowded, they need to extend their principles beyond Atlassian.
That is what brought the Cloud security program to life.
It's a collaboration between Atlassian and Marketplace vendors who would like to go over and beyond in handling customer data with utmost safety. The program’s goal is to raise software security awareness, improve practices and convey the message to customers that Atlassian and app vendors have the same high cloud security standards.
Data security is of key importance for us here at Midori as well, so we are proud to say that as we released our very first app for Jira Cloud, Better PDF Exporter, we also prioritized to comply with the Atlassian Cloud security program requirements. We stood the technical scrutiny and passed the test.
Cloud security program objectives and requirements
With the Cloud security program Atlassian aims to address three areas of software security:
- Data Security
- Sensitive data handling
- Backups and disaster recovery
Participation in the program is voluntary, but if a vendor embarks on the journey, they have to answer to long pages of questions that assess the team’s ability to address and handle key security related scenarios.
Requirements include having an Information Security Policy in place with supporting Standards and Procedures, a formal change control and release management processes to manage code changes, mechanisms to notify Atlassian in case of a security breach, the capability to recover data for a specific customer in the case of a failure or data loss and many more.
Confirmation that we completed the Cloud Security self-assessment shown on the Marketplace listing
Midori completed the Cloud security self-assessment, and our submitted answers were approved by Atlassian. You can see this in the right sidebar of our cloud app listing.