Atlassian Guard and your options for Cloud/Data Center security

atlassian-guard-and-your-options-cloud-data-center-security-header

Atlassian Guard is another attempt by Atlassian to consolidate its products. A bit like them turning Jira Software and Jira Work Management into Jira.

This time, they’re consolidating their cloud security products. Specifically, Atlassian Access and Atlassian Beacon, which was in beta testing.

Let’s take a closer look at what Atlassian Guard is and what the security options are for both Atlassian Cloud and Atlassian Data Center customers.

What is Atlassian Guard?

Atlassian Guard is the new branding for two cloud security products, Atlassian Access and Atlassian Beacon beta. Atlassian Access was Atlassian’s user management and authentication tool, while Atlassian Beacon was a tool for mitigating risks to your cloud data with threat detection and response capabilities.

Atlassian Guard therefore comes in two versions:

  • Atlassian Guard Standard (formerly Atlassian Access)
  • Atlassian Guard Premium (formerly Atlassian Beacon beta)

What does Atlassian Guard Standard offer?

Atlassian Guard Standard is simply the new name for Atlassian Access. It helps protect against data loss with user management and authentication capabilities.

Its main benefit has always been enabling users to log in to Atlassian Cloud products using single sign-on (SSO) via your company’s identity provider.

It also offers cross-domain identity management (SCIM), two-step verification, and application programming interface (API) token controls. In addition, you get some features for detecting and investigating suspicious activity.

What does Atlassian Guard Premium offer?

Firstly, Atlassian Guard Premium offers some extra protection against data loss on top of what you get with Atlassian Guard Standard. Namely, the ability to label your most sensitive work with data classification levels, and apply data security policies to things like exporting data and creating public links.

Secondly, Atlassian Guard Premium offers features for detecting and responding to suspicious activity such as content scanning and alerts.

Just because Atlassian Guard Premium has “Premium” in its name doesn’t mean it’s only available for Jira Premium or Confluence Premium. Guard Premium is available for the standard versions of Jira and Confluence as well.

How does Atlassian Guard affect Cloud customers?

If you already had Atlassian Access, all that’s changing is that it’s now called Atlassian Guard Standard and there are some new features coming. These include enforced SSO for external users and expanded data and mobile security policies.

If you are a Cloud Enterprise customer, then Atlassian Access was already included in your plan, which means Atlassian Guard Standard is as well.

Atlassian Guard Premium is currently in limited availability, and we'll go into this more shortly.

How does Atlassian Guard affect Data Center customers?

Technically, Atlassian Guard has no effect on Data Center customers because it is a cloud-only product.

Data Center customers wouldn’t need Atlassian Guard Standard anyway. In Data Center, user management happens in a variety of ways: via each product, through Jira, or by connecting to Atlassian Crowd. Atlassian Crowd offers SSO capabilities and allows you to manage users from multiple directories such as Active Directory, Lightweight Directory Access Protocol (LDAP), or Azure AD.

Atlassian Guard Premium is a different story. Cloud customers are getting threat detection capabilities, but detecting and dealing with threats is something that Atlassian takes no responsibility for in the case of Data Center customers. Your Atlassian security is completely up to you.

However, there is a solution available on the Atlassian Marketplace that acts as an alternative to Atlassian Guard Premium for Data Center customers. This is the Data Protection & Security Toolkit. This app allows you to do advanced content scanning and automatically clean up your instance of any type of sensitive or leaked data.

The Data Protection & Security Toolkit is actually more powerful than Atlassian Guard Premium for a few reasons:

  • it can clean up historic data, which Guard Premium can’t do
  • it has more content scanning and automation options than Guard Premium (more on this shortly)
  • it enables you to anonymize users in bulk, e.g. inactive, disabled, or unknown users.

How this change helps Data Center customers looking to migrate to the cloud

Atlassian Guard Premium comes with three major information security capabilities that some companies need before they can migrate to Atlassian Cloud:

  1. the ability to identify, classify, and remediate leakage of the most important data (e.g. PII, IP)
  2. access to audit logs recording all user activity
  3. the ability to control usage of API tokens and service/bot accounts

Having these capabilities in Cloud removes a major barrier to migration and enables Data Center customers who had been wanting to move to Atlassian Cloud to finally make the jump.

Understanding the ‘limited availability’ of Atlassian Guard Premium

Atlassian Guard Premium is in limited availability, which means it’s being rolled out to a limited set of customers and you have to register your interest with Atlassian.

Unfortunately, Atlassian has no timeline for when the limited availability will end and the product will become fully available. Nor can they tell companies how long they have to wait for access once they have registered their interest.

Is there an alternative to Atlassian Guard Premium for Cloud users?

You may decide that Atlassian Guard Premium is too expensive, or that you need the threat detection and response capabilities now and don’t want to wait for the limited availability to end.

If that is the case, consider installing the Cloud version of the Data Protection & Security Toolkit instead. Although it doesn’t have exactly the same feature set as the Data Center version, it remains more powerful and flexible than Atlassian Guard Premium. In the next section we’ll explore how.

Atlassian Guard Premium vs the Data Protection & Security Toolkit

The main difference between Atlassian Guard Premium and the Data Protection & Security Toolkit is in how deep they go on responding to threats.

Atlassian Guard Premium will send alerts and make remediation suggestions, but that’s it. The Data Protection & Security Toolkit will actually do the remediation for you. Built into the app are automation capabilities that Guard Premium doesn’t have. These let you automatically redact, replace, and restrict access to content, add comments and labels, notify stakeholders, and more.

You can expand the possibilities further by using the Data Protection & Security Toolkit in conjunction with native Jira and Confluence automation rules. For example, you could use the labels you’ve added to sensitive content as a trigger for an action, such as creating an issue in Jira or an incident in Jira Service Management, transitioning an issue, or sending messages via Microsoft Teams or Slack.

Screenshot showing automation actions in the Data Protection & Security Toolkit

You could also configure any number of additional actions to be triggered by an external app with an API, e.g. displaying scan results in app monitoring systems like Grafana.

Finally, Atlassian Guard Premium will scan everything in your instance, but the Data Protection & Security Toolkit allows you to select which fields should be scanned and which should be ignored. This reduces the load on your system and facilitates faster scans.

Oh, and there’s another crucial difference: the Data Protection & Security Toolkit is much cheaper than Atlassian Guard Premium!

To summarize (TL;DR)

  • Atlassian Guard is basically two cloud security products rebranded: Atlassian Guard Standard (used to be Atlassian Access) and Atlassian Guard Premium (used to be Atlassian Beacon beta).
  • For Atlassian Cloud users who had Atlassian Access, nothing much is changing. Your product will just change its name to Atlassian Guard Standard and you’ll get some new capabilities.
  • Atlassian Guard Premium is a tool for detecting and dealing with threats to your data, and will be of interest both to Cloud and Data Center customers. However, Guard Premium is only available on Cloud because dealing with data threats is considered a Data Center customer’s responsibility, not Atlassian’s. Therefore, if you want Guard Premium capabilities for Data Center, consider installing the Data Protection & Security Toolkit.
  • Even Cloud users who want a cheaper Atlassian security product and aren’t willing to wait for the ‘limited availability’ of Atlassian Guard Premium to end should consider the Data Protection & Security Toolkit. Particularly since it is in fact more powerful than Guard Premium.

Want advanced Atlassian security and threat detection/remediation now? Schedule a demo or try the Data Protection & Security Toolkit free for a month.


Further Reading

Forget Less and Ensure Quality with didit Checklists for Atlassian Cloud Forget Less and Ensure Quality with didit Checklists for Atlassian Cloud Forget Less and Ensure Quality with didit Checklists for Atlassian Cloud