Scroll to top
en pl

How to increase security during Jira synchronization?


Łukasz Krupa - 7 October 2019 - 0 comments

Synchronization of Jira applications is one of the solutions that allow for effective cooperation with a customer, supplier, or business partner. While maintaining the independence of our environments, we can enjoy quick and seamless cooperation. Additionally, this solution is fully secure.

Read on to learn about IssueSYNC mechanisms that allow securing your data so that it reaches only the target recipient. 

Authentication key

The first of IssueSYNC security systems is the authentication key. It is a specific password that allows synchronization only with a specified Jira instance. This key ensures that the transmitted information will not go beyond the established connection, and no one else will ‘hook’ into your Jira. This key is defined by each synchronization page, and administrators of the trusted channel share this key.

Field selection 

Another configuration element that helps to protect data is the selection of fields that we want to synchronize. If you don’t want to send all the information from your issue or just want to leave some of it only for your employees or teams, this mechanism will allow you to do so. 

Synchronizing only changes 

Synchronization can be configured to skip all attachments or only those that were added before the collaboration. System operation is based on the fact that external persons are not directly admitted to the data in the connected Jira if the administrator in the configuration did not give such a possibility. IssueSYNC can only send changes without historical data between applications.

Filtering

IssueSYNC allows sending notifications that meet specific criteria. Thanks to this, notifications that fail to meet the set conditions are omitted during the synchronization. It uses a very flexible JQL (Jira Query Language) query language, which you can use to ‘cut off’ requests concerning e.g. selected components.

Selected comments

It is also possible to send comments during the process. It depends on which settings are synchronized and which are not. It’s a good idea to set this up right from the start because, by default, all of the comments are sent. Comments can be sent in different ways, one-sided synchronization, two-sided, or partial synchronization. It is also possible to transfer information between Jira Core and Jira Service Desk concerning the visibility levels provided by the Service Desk. 

A conscious choice of synchronized submissions

IssueSYNC with the Create On-Demand option allows selected user groups, such as managers, to synchronize their selected requests. This can be done independently of other automated administrator settings. It allows for handling unusual situations where it is impossible to establish a universal JQL criterion.

Synchronization depending on your process

When synchronization is performed, it can also be configured. Thanks to this, it can be adjusted to your process or workflow. For example, it can be a situation in which the issue reaches the “To do” status. Besides, it is possible to set various conditions and validators that limit the execution of transitions and thus synchronization depending on, e.g. the project role, group, permissions or the values of control fields on the issue.

Possibility to disable synchronization 

Another security mechanism is the ability to disable synchronization at a selected stage of the workflow. For example, issues submitted after the implementation phase by an external provider will not be synchronized anymore. Further communication related to, for example, uploading these works to production, will be visible only in one Jira.

Restricted access to configuration

Synchronization configuration can be carried out only by an authorized person – Jira administrator or project administrator. In the case of the latter, only selected options are available to maintain an adequate level of security. No other user can influence the previously defined synchronization rules. Thus, the responsibility for the correctness of the configuration rests with the administrators.

GDPR

The protection of personal data is guaranteed by the simplest and most effective way, i.e., not storing synchronized data in a separate database or outside the client’s system. IssueSYNC uses the data only until the moment of processing the synchronization messages. 

Behind the firewall

The last security system I would like to mention is that IssueSYNC users can connect to Jira, which is located behind a Firewall. This is done without compromising the security of this environment. Thanks to this, Jira, which is invisible in the public network, can be connected to another instance. 

Summary

Currently, it is impossible not to engage in any cooperation with people from outside our company. At the same time, remember that such cooperation should be carried out as efficiently and effectively as possible – and above all, safely. It is up to you to choose the way of solving this problem. However, I hope that I have convinced you that IssueSYNC can provide security at the highest level during such synchronization.

Related posts