For decades IT security issues have been the most important element of the functioning of IT systems or applications. The situation is similar in the context of migration to the cloud. One of the first questions that usually arise from the Client’s side is the possibility of guaranteeing the security of the entire migration process.
Based on our Competence Center’s many years of experience with the cloud, and taking into account the results of statistical analysis and research, it can be deduced that the cloud is more secure than locally hosted instances. However, such a situation is not a matter of chance.
Practice in building solutions based on Atlassian products allows us to create a secure workplace in Cloud. An additional advantage is 24/7 care from Atlassian experts over the entire Cloud infrastructure – data is protected with encryption for data in transit and at rest. The use of SAML single sign-on, authentication policies and many other components allows you to use the solutions with complete peace of mind about safety.
How to prepare for Atlassian cloud migration?
The process of migrating to the cloud depends on a detailed plan along with an understanding of all the assumptions because security requirements in the cloud are different from those of on-premises instances.
Based on our extensive team experience, I will try to present good practices for a secure migration to the Atlassian cloud with a few examples.
Plan the scope of your migration
Although some migrations are quick and simple and can take just a few hours, the vast majority of migrations to the Atlassian cloud are a complex process which can take dozens of uninterrupted hours. Particularly when the migration assumptions include consolidating several instances into one.
Evaluating the scope of the migration and understanding it in such a situation is a crucial step for safely carrying out the entire process. An example of a criterion that needs to be considered is to retain all the functionality of our current instance. If this is not possible, then also evaluate the possibility of using other solutions to achieve the same effect for the end user.
The very process of migrating users from a local instance to the cloud is a fully secure process. The risk will appear when the pool of these users is not analyzed. This is because some users may be no longer active, but still have access to our local instance. After migration, such individuals would receive access to the cloud.
Verification of the list of users is also linked to verification of access groups and the very permissions assigned to them. We have repeatedly encountered situations in which numerous users with high privileges in the local instance had their privileges lowered during migration. Therefore, verification allows us to provide a high level of security for our new Cloud instance.
It is also worth noting that regular verification of the list of users has a positive impact not only on the level of security but also on the cost of licenses for our instance.
A good time for good practices
Many times, during a migration, we find ourselves in situations where the server is cluttered with Client data, certain processes are not working optimally or documentation is missing. Therefore, the migration preparation time becomes an ideal time to apply good practices, document processes and improve them.
Once we have assessed the degree of correctness of the processes and verified the data on the server, we can move on to making sure that this is exactly the state we expect from the migration. Good documentation will provide us with a high level of understanding of the processes, which translates directly into a level of security.
Atlassian Access – manage permissions efficiently
Atlassian Access allows you to connect a cloud instance with local LDAP. Here let’s consider an example of a server instance where permissions were managed through Active Directory. By migrating the server instance to the Cloud, we can still use our well-functioning Active Directory to grant any access to the Cloud instance.
This is an unquestionable advantage and another step towards standardized management of permissions in the Cloud instance, and therefore another aspect that affects security.
Atlassian Cloud has many ready-made integrations with LDAP servers. In addition, thanks to the use of the SCIM protocol for user administration, it is also possible to build custom solutions through API. The use of API in Atlassian’s products often gives us the ability to deal with unusual solutions that may exist in Server or Data Center instances.
Why migrate to Atlassian Cloud?
Our migration experience allows us to firmly state that the main added value of migration is the increased level of security, data privacy and reliability of the solution.
Solutions are based on products that meet data privacy requirements worldwide, such as, for example, RODO. The use of the highest-class AWS infrastructure guarantees reliability, and the SLA offered by Atlassian guarantees the availability of 99.9% and 99.95% in the highest Enterprise plan.
An additional advantage of the Cloud solution is that we constantly have the latest version of tools. We don’t have to worry about having to upgrade the version of our product due to the appearance of a critical security update – we get it all automatically and unnoticed.
We can connect to Cloud products from all over the world, from any device with Internet access, plus we get convenient and secure mobile applications which allow us to view tasks conveniently from our phone.
If you want to learn more about Atlassian, we recommend the article (PL) Myths about moving to the Atlassian cloud.