Hello!

We have legal requirements to keep certain information hidden from those who do not have legal access to.  

Best way to assure that with Jira and Confluence, is have their own dedicated instances and servers. I know of some companies who literally have an instance per project, and then archive it when completed, just to assure that information is kept secure.

I would like to do the same, so extra security and permissions can be implemented without inconveniencing the majority of users who do not need or allowed access to certain information.    

Unfortunately, can only have one license per instance, even if all instances are using the same user directory via Crowd to maintain the user count for the tier. A developer license does not qualify, as it will be 'production', by definition. 

So what can be done for compartmentalizing projects and information beyond permission schemes, under a single perpetual license?

Jira is limited to what can be done in a mix environment like that, and even risk slipping information like notifications. 

What does other companies do? Like the multiple instances one, do they seriously fork the cost of a new license for each project?  Shouldn't there be like one big license that covers multiple instances of Jira, Confluence, Crowd, etc that is more cost effective?

Thank you for any suggestion, practices, and such that may be useful. 

-Melanie