Security and compliance
Â
Where is your data?
Panorama data is stored in AWS data centers in the United States. Data is protected with the following controls:Â
Encryption of data-at-rest using a symmetric key. The key is rotated every 90 days.
Encryption of token used for Jira data access using a symmetric key, rotated every 90 days.
Database access credentials are encrypted and rotated.
Data of customers who stopped using the service is deleted within a month after service usage termination.
Data-in-transit is sent only through a secure protocol.
Customer data is not logged.
Access control
Access to environment hosting Panorama data is strictly restricted to Digital Toucan staff.
Access credentials for the staff are rotated quarterly and protected with two-factor-authentication.
Single system for revoking control to production environment.
Digital Toucan won't grant access to customer data to any 3rd party company.
Disaster recovery
Infrastructure runs with one data-centre redundancy. This follows AWS public guideline to distribute traffic across two different availability zones, to handle the case in which one of them is unavailable.
In case of major outage, the service has capability to run in other AWS region or on infrastructure of different Cloud provider.
Daily backups are stored on S3 and distributed to two AWS regions (us-east-1 and us-west-2) to handle scenario in which the primary region fails.
Data recovery
Maximum data loss is 24 hours, backups are done daily.
Â
What data is stored?
Panorama does not extract or store any data that comes from your Jira instance.
It stores:
information about the host that is required for authentication
data created within the add-on, such as structure of your work
For instance, the service keeps information about panorama's name, identifiers of the issues added to the panorama and identifiers of the users who performed actions in the panorama. The service doesn't store information about issues, users or projects.Â
Below you can see an example on how the data is stored in the database.Â
{ "_id" : "jira:f6f1d26e-78aa-4d26-9e36-20ee3a47b6ac", "publicKey" : "***", "sharedSecret" : "***", "baseUrl" : "https://jqlsearchextensions.atlassian.net", "productType" : "jira", "description" : "Atlassian JIRA at https://jqlsearchextensions.atlassian.net", "addonInstalled" : true}{ "_id" : ObjectId("5b582ca5835e13000443333c"), "panoramaId" : "5b582c98835e130004433339", "parentId" : "5b582c99835e13000443333a", "created" : ISODate("2018-07-25T07:54:13.338Z"), "updated" : ISODate("2018-07-25T07:54:13.338Z"), "type" : "ISSUE", "issueId" : NumberLong(12731), "tenantId" : "jira:f6f1d26e-78aa-4d26-9e36-20ee3a47b6ac", "state" : "ACTIVE", "childrenOrder" : [ "5b582cb0835e13000443333e" ], "creator" : { "$ref" : "jiraUser", "$id" : ObjectId("5b3640f8f4a17f0004143c40") }}
Related articles
Â
Â