How to secure Atlassian Cloud Applications ?
“Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say.” – Edward Snowden
Atlassian’s announcement that it would be shutting down its server instances had a significant impact on the customers. Confusion grew among people as some chose Atlassian’s Data Center while others chose Atlassian Cloud. Both Data Center and Cloud have their own set of benefits and drawbacks. Given that Atlassian itself faced a cyber attack, one of the most common questions was, “Is Atlassian Cloud secure in terms of cyber threats?”..
Products made by Atlassian are high quality, very secure, and reliable. But as they say, there is always scope for improvement. This article will mainly focus on how we can make Atlassian Cloud applications more secure, avoid cyber-attacks, and ensure vulnerability management.
When we talk about securing an application for thousands of users, adding an extra layer of authentication on top of the basic authentication can prove to be extremely helpful in ensuring security. With 2 layers of authentication, hacking into any system becomes more difficult. Hence, there is an increase in demand for authentication methods such as Single Sign-On (SSO), Two Factor Authentication (2FA), and Multi-factor Authentication (MFA) in the last couple of years.
Atlassian provides an additional level of security by allowing users to Single Sign-On. Single Sign-On (SSO) and Two Factor Authentication (2FA) go hand in hand so it won’t be an issue for customers who are using the in-built SSO solution for Atlassian Cloud.
Let’s understand what Single Sign-On (SSO), Two-Factor Authentication (2FA) or Multi-Factor Authentication (MFA) are and how they are used to secure Atlassian cloud applications.
Single Sign-On (SSO)
Single Sign-On (SSO) is an authentication process in which a user is authenticated against the Identity Provider which is connected to the Atlassian Applications. These users authenticate using XML assertion in SSO. This reduces security threats and protects user data.
Atlassian has an inbuilt connector for Single Sign On (SSO) which works well for SAML Identity Providers and it is highly recommended to solve complex use-cases like login with multiple IDPs and managing user permissions.
With the miniOrange Atlassian SAML/OAuth Single Sign-On (SSO) plug-in, you can perform seamless login into your Atlassian applications.
Two Factor Authentication (2FA)
Two-factor authentication (2FA), sometimes referred to as two-step verification, is a security process in which users provide two different authentication factors to verify themselves on top of the username and password authentication. This process is done to better protect both the user’s credentials and the resources the user wants to access, which in our case is the respective Atlassian Cloud.
Multi-Factor Authentication (MFA)
Multi-Factor Authentication (MFA) is an authentication process in which a user has to provide multiple factors of authentications in order to gain access to Atlassian cloud. Rather than just asking for a username and password, Multi-Factor authentication adds additional verification factors such as OTP, push notifications and biometrics that help in adding an extra layer of security to your Atlassian application.
The above explanation was fairly technical so let’s understand this with the help of an example.
Let’s consider an example where you want to make an online transaction. You use credentials to protect your account from unauthorized access. While making a payment, you have to verify the credentials. This acts as the first line of defence. But there is still room for a hacker to gain access to your banking details compromising your security. So, another layer of authentication is added in the form of an ATM pin or OTP over SMS or email. This serves as the second security measure. Only after both steps does your payment go through.
Similarly, here your Atlassian applications like JIRA, confluence and Bitbucket contain confidential information associated with your account and your organization. This content can be protected using our plugins. Not only will our plugin add an extra layer of security, but it will also ensure that the usability and login experience of the users is not compromised upon.
Since the cloud community is still growing, applications that support 2FA over Atlassian cloud are very few. miniOrange can help in fulfilling the needs of Single Sign-On (SSO) as well as Two-Factor Authentication (2FA). The Two-Factor Authentication solution provided by miniOrange over Atlassian cloud contains many authentication methods such as OTP over SMS, OTP Over Email, Hardware Token, Authenticator token, and many more. Our Plug-ins have the capacity to manage a huge number of users. With miniOrange, external and internal users can be managed in one place. It can easily be integrated with external AD/LDAP directories or other Identity Providers (IDPs) without any hassle. Your Atlassian users can use the same credentials and Two-Factor Authentication to access multiple applications.
We have a Two Factor Authentication (2FA) solution for Atlassian Server and Data Center as well. Give a quick read to this Article.