Security

Security Practices

Better Attachments enables users to view and manage their Jira attachments (i.e., data to whcih they have read and/or write access) via the application’s user interface. To do so, Better Attachments, running in the user;s browser, invokes the Jira REST API based on the user’s input. The Jira REST API respects the signed-in user’s as well as the app’s permissions. No Jira data is ever loaded, created, updated, deleted or otherwise manipulated in a way that has not been initiated by the user or does not respect the permission model of the Jira site.

Data Storage and residency

Better attachments stores its data, along with other user-level information, sirectly in the customer’s Jira site. This means that all customer data is stored by Jira and therefore subject to all security measures and data residency management Atlassian provides.

Data transfer

All data transfer between the user's browser and the user's Jira site happens securely via HTTPS.

Data backup and recovery

With all customer data being stored in Jira, JXL utilises Atlassian's backup and data recovery features

Access to customer data

As all data are exchanged directly between the customer's Jira site and the user's browser, no Cyclops Software employee, regardless of their role, has access to customer data at rest. Application logs are anonymised and don't contain any references to customer data.