Many organizations need to capture confidential and sensitive information as part of their day-to-day work. We hear this from many different teams, but especially those working in HR, where it’s crucial that employee information is protected and locked down, whether it be salary information, home addresses or even ongoing cases.
With a robust set of features that allow you to do more than simply control who can access a project with role permissions, you can have confidence knowing that Jira Service Management can safeguard sensitive employee information all whilst catering to your team’s ways of working.
There may be times when only specific people or groups should be able to raise certain requests. These could be requests reserved for supervisors, different departments in your company, or even those submitting sensitive cases that include private employee information.
Control who has access to raise certain requests via the portal and other channels by restricting request types. If someone doesn’t have access to a request type, they won’t see it as an available option, even via search. Read more about restricting request types
While you can control who can raise requests in the first place, you can also control who can view these requests once they’re raised, using work item security. This is for times when you need to completely hide all details, even the fact that a particular work item exists.
Create a work item security scheme with as many security levels as you need, each made up of users, groups, roles, or organizations, so you can determine who has access to what. For example, you may have a ‘Managers only’ security level that only those who have authority to see an employee’s personal details, such as addresses or salary, can access.
By applying a specific security level to a request type, you have more control and confidence when it comes to knowing how these work items are locked down. Read more about work item security
While work item security prevents someone from viewing a work item completely, form restrictions allow you to set more granular permissions around who can view attached forms so agents can continue to provide support on a request. This includes any forms submitted as part of a request being raised, or forms attached to existing work items. This is for the scenarios when you may still wish your team to have full access to a work item, but reserve specific content to a restricted group of people.
For example, you may have an ‘Employee Onboarding’ request raised that all agents in your company have access to, but the ‘Personal details’ form is restricted to HR and the ‘Bank details’ form is restricted to Payroll. Read more about restricting forms
For times when people may accidentally share sensitive information or you may have gaps in your restrictions, Atlassian Guard acts as an additional line of defence.
Simply flag what you deem sensitive, whether it be keywords such as ‘home address’ or regular expressions to identify credit card information, and Guard Premium will scan work items, fields and comments in real time. These scans can then trigger alerts and enable you to take any number of actions using Automation to set up safeguards.
For example, if Guard Premium detects someone requesting medical leave, that may trigger a rule that applies work item security and sets it to a specific security level so only those authorized can view its details. You could also add an additional action notifying their manager via email to approve this.
Guard Premium also provides comprehensive user activity audit logs at the organization level for reporting and compliance needs. This lets HR teams partner with their organization admin to review, analyze or export any logs that may support a case.
All this gives you an extra layer of security beyond the many restrictions listed above so you can proactively protect employee data, streamline compliance, and quickly respond to potential risks. Explore more about Atlassian Guard
Want to know more? Find out about these features in detail, plus other security-based features, in this blog, which also covers project permissions and roles.
Have you had a chance to try any of these features out? We’d love to hear what you think.
Eryn