Confidential Fields with Data Residency for Jira

Meet regulatory requirements & protect sensitive data on Jira Cloud even if there is no data residency for your country yet. Host & encrypt data in your country or database using Confidential Fields.

Comment

Inspiration

  • Our consultants work with Swiss customers. They asked for an option to securely save data in Switzerland when working with Jira Cloud.

  • We wanted to enable our customers to use Jira Cloud confidently.

  • We wanted to create our first Forge app to gain knowledge about what is possible with it.

What it does

  • The app allows the creation of custom fields (called “Confidential Fields”), whose inputs can be stored either in the current Jira Data Residency or in a hosting provided within the app. Currently, we offer hosting in Switzerland.

  • It is possible to restrict the view and edit permission for each Confidential Field.

  • The values of the Confidential Fields are encrypted with AES 256 and saved in the selected hosting database.
 Only Jira users with view permission can read the values of the Confidential Fields.

How we built it

  • The information and diagrams in our documentation show how we built the app to ensure that only Jira users can read the Confidential Fields' values. Neither Atlassian nor we at bitvoodoo can decrypt and view the data.

  • We built and reviewed a prototype, defined an MVP, had design workshops to define the app's UI/UX, and specified the required tasks for the development of the MVP and follow-up versions.

  • Using continuous reviews and pull requests, we were able to share the knowledge with the entire development team, so that everyone understood the framework.

Challenges we ran into

Accomplishments that we are proud of

  • We implemented the original app idea: providing additional hosting options, data security, and confidentiality.

  • We could keep the design and user interface simple and clear.

  • The experience we have gained in the implementation of this app, will help us create more Forge apps confidently.

What we learned

  • Develop a Forge app with multiple developers

  • the deployment process for Forge

  • benefits and limitations of Forge and its custom fields

What's next for Confidential Fields with Data Residency for Jira

  • Additional hosting options in other countries.

  • Allow app customers to store Confidential Fields' data on their own databases.

  • An API that allows customers to retrieve decrypted Confidential Field value outside of Jira.

Built With

  • aiven.io
  • api
  • bitbucket
  • forge
  • jwt
  • node.js
  • pipelines
  • springboot
  • typescript
  • typescript-and-the-jira-api.-bitbucket-cloud-and-pipelines-the-external-service-is-implemented-in-springboot
Share this project:

Updates