...
Access should be limited to only those with a legitimate business need and granted based on the principle of least privilege
Security controls should be implemented and layered according to the principle of defencedefense-in-depth
Security controls should be applied consistently across all areas of the enterprise
The implementation of controls should be iterative, continuously maturing across the dimensions of improved effectiveness, increasingly auditable, and decreasing friction
...
Field Level encryption (prior to storage) is used to encrypt sensitive data. Our roadmap includes work to implement best practice multi-tenant row level security (
Jira Legacy | ||||||
---|---|---|---|---|---|---|
|
...
Legacy password usage is already limited, future work is planned to
Jira Legacy | ||||||
---|---|---|---|---|---|---|
|
...
Education
All staff receive onboarding on-boarding security awareness training. Any vulnerabilities found are discussed with the team to share learning.
...