Skip to end of banner
Go to start of banner

Security and Safety

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 54 Next »

Agile Cards is built with safety and security in mind. Here are a few facts which will help you understand its architecture and that using Agile Cards should no impact on your security whatsoever.

Analytics

Agile Cards come with inbuilt analytics. The data collected by Agile Cards pertains only to the statistical usage of the add-on. It helps the team at Spartez optimize the solution and implement even better future versions. 

If you do not wish to have the usage data collected from your instance, you can disable the analytics. Agile Cards depends on the global Jira setting for analytics collection.

What data are read and stored by Agile Cards

Issue data

All the data pertaining to the content of the actual issues are read by JavaScript code launched within your browser window. None of the elements of this data is saved nor processed outside of your browser windows and Jira. 

Template settings

Agile Cards stores only the data related to the templates configured for its usage:

  • names of the templates
  • user key of the last person that has modified the template,
  • user key of a template owner,
  • template settings configurable through the Agile Cards interface

Feedback form

Agile Cards provides feedback form that gathers the following data:

  • feedback content
  • information about person raising the request:
    • full name
    • email
    • IP address
  • information about license
    • license SEN
    • plugin version
    • license type (paid/evaluation)
    • hosting (server/cloud)

How is data secured?

Agile Cards for Jira Server

The code of Agile Cards is downloaded from Atlassian Marketplace directly to Jira and is never served from any third party servers. This means that all the fundamental safety mechanisms applied by Atlassian to your Jira code and data are also applied to Agile Cards code and data. All the configuration data of Agile Cards is stored on Jira and never leaves it.

Agile Cards for Jira Cloud

The code of Agile Cards is served from secure Spartez infrastructure as presented on the diagram below.


In Agile Cards for Jira Cloud we stick to the following security guidelines:


  • All external incoming or outgoing connections (or connection that go via public network) are made using secure protocol (for example: https,ssh). 
    If secure protocol cannot be used the sensitive content must be protected by other means.
  • Every connection, that is crossing network border(external or internal), is protected by at least one security measure (certificate, token, etc).
  • No security measure can be used to cross multiple network borders. 
    For example, if we protect connections to Cloud internal network using Certificate A, then it cannot be used to protect connections to Spartez internal network


How does Agile Cards synchronization work?

Agile Cards synchronization algorithm is written in JavaScript. This means that the photo is processed entirely within the browser, and no part of the photo is sent outside of the device you have used to access the Agile Cards. In particular, no part of the photo is processed on your Jira server and no data about the content of the photo is ever sent over to Spartez server.

Who gets access to Agile Cards UI?

Depending on the type of user, here are the available options:


print cards using existing templatescreate, remove or edit print templatessetup physical boardsperform physical board synchronizationperform rank order synchronization
Jira admins(tick)(tick)(tick)(tick)(tick)
Project admins(tick)(tick)(tick)(tick)(tick)
Other users(tick)(error)(error)(error)(error)


Subprocessors

Spartez may use the following Subprocessors in the Processing of Client Personal Data related to Agile Cards for Jira:

  • No labels