Security Whitepaper

Security Whitepaper topics

Data and configuration transfer

How does Cloud Migration Tool transfer data between Jira Server/Data Center and Jira Cloud?

We use secure HTTPS channels for all data transfers between Jira Server/Data Center instances and Jira Cloud sites.

How do we ensure the security of the network communication between Cloud Migration Tool and Configuration Manager for Jira Cloud?

Data in transit is encrypted to safeguard network communication.

Data analysis

What kind of data analysis does Cloud Migration Tool perform?

Cloud Migration Tool performs analysis of the migrated configuration and data. The app analyzes the configuration and data of the Jira Server/Data Center instance and shows what needs to be changed on the Jira Cloud site to accommodate the data being migrated. If there is a fatal error in the data integrity or configuration conflict, the migration cannot continue until that problem is resolved.

Does Cloud Migration Tool perform data analysis operations for purposes other than the migration itself?

No, all analysis operations are performed only for migration purposes.

Does Appfire collect and preserve customer-sensitive information in an unencrypted state for a period longer than the migration itself?

Right after the deployment, we delete all the customer-sensitive data.

Do we preserve analysis results? If yes, for how long?

The analysis results are preserved only for the migration duration or up to one month if the migration fails.

Are the analysis data/results accessible to any 3rd party entities or organizations?

No. Analysis data/results are not accessible to any third-party entities.

Data residency

Which cloud service provider are we using for the migration infrastructure?

Amazon Web Services hosts the migration infrastructure between Cloud Migration Tool and Configuration Manager for Jira Cloud.

In which regions does the migration infrastructure reside?

Currently resides in US-EAST-1, with plans to offer region selection.

What kind of cloud service do we use for the migration infrastructure?

Virtual Private Cloud (AWS VPC) is utilized.

What type of encryption service do we use to encrypt end-customer data temporarily stored in our cloud infrastructure?

Customer data is fully encrypted during temporary storage and aligned with the highest security industry standards.

Is there any situation where we have access to customer-sensitive data or attachments during or after the migration process?

No one has access to customer data during the migration process. However, you can share your migration data with our support team for quicker issue resolution purposes.

Migration statistics

What kind of migration statistics do we collect?

We collect anonymized (non-sensitive) statistics about migration performance. Everything we collect is described here.

For how long do we keep migration statistics for a certain migration?

Migration statistics may be kept for up to 12 months.

Do our migration statistics retain any customer-related data that could be associated with our end customers in the future?

No.

Where do we store our migration statistics, and can 3rd party companies or organizations access them?

We store migration statistics in a 3rd party analytics platform. All statistical data is encrypted in transit and at rest.

Migration of app data

Are we using the same cloud service provider and already established infrastructure for 3rd party app data migration?

Yes.

How do we handle app data during the migration process?

We do it the same way we manage the Jira core data.

Migration metadata storage

For how long do we store customer or migration-related information?

This information helps us improve the experience of future migrations so we can store it for up to 1 month after a license subscription has ended.

If you have any questions regarding the migration’s security aspects or need help during your migration process, please do not hesitate to contact us – we’ll be glad to help!