[BSERV-12007] Encryption at rest for Bitbucket

Type: Suggestion
Resolution: Unresolved
Fix Version/s: None
Component/s: Data Center, Security - Other
Labels:
None

UIS:
44
Feedback Policy:

We collect Bitbucket feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

Problem Definition

Clients would like to have the ability to encrypt data at rest in Bitbucket on-premise (including DC environments) as they do for Bitbucket Cloud.

Why this is important

Commonly, it is a requirement from internal security auditing teams.

relates to

BSERV-10043 Encrypt Database Password in bitbucket.properties or use integrated authentication

Closed

mentioned in: Page Failed to load; Page Failed to load; Page Failed to load; Page Failed to load; Page Loading...; Page Loading...; Page Loading...; Page Loading...

(4 mentioned in)

Justin Kalina added a comment - 27/Mar/2023 8:13 PM

has there been any movement here on this?

Justin Kalina added a comment - 27/Mar/2023 8:13 PM has there been any movement here on this?

Erik Liu added a comment - 17/Nov/2022 4:02 AM

interested in this feature, please help prioritize

Erik Liu added a comment - 17/Nov/2022 4:02 AM interested in this feature, please help prioritize

Idan Bidani added a comment - 28/Apr/2022 5:29 PM

interested as well, every enterprise will require this feature, please help prioritize

Idan Bidani added a comment - 28/Apr/2022 5:29 PM interested as well, every enterprise will require this feature, please help prioritize

John Norcross added a comment - 21/Sep/2021 2:56 PM

Also interested in this feature being added for customers using Atlassian Data Center environments ASAP... being driven by our customers and new security mandates.

John Norcross added a comment - 21/Sep/2021 2:56 PM Also interested in this feature being added for customers using Atlassian Data Center environments ASAP... being driven by our customers and new security mandates.

Michael Mohr added a comment - 01/Apr/2020 6:08 AM

We as an enterprise company have commissioned an external outsourcing company to support our on-premise servers and applications, as the management has decided that this is not a core task of our company. But now customers while audits complain that non employees gets "simple" access to our Intellectual Property (IP), i.e. the source code we manage in BItbucket, and that this is a security issue in our R&D process if source code is directly related to the customer, what is likely possible for specific customer customization's. Because of the missing Bitbucket functionality of encrypted storage of the source code on the server hard-disks we are no longer allowed to use Bitbucket for these projects and with this our R&D landscape is currently getting diverse again as it was before BItbucket. Our management is not thinking about in-sourcing again the server and application administration as someone might think about, no, instead they question the usefulness of Bitbucket as our source code management system because it cannot meet our security requirements to the extent desired.

So please bring encryption at rest (https://en.wikipedia.org/wiki/Data_at_rest) also to your on-premise data center solutions, as this is a essential security feature that we as enterprise company absolutely need.

Michael Mohr added a comment - 01/Apr/2020 6:08 AM We as an enterprise company have commissioned an external outsourcing company to support our on-premise servers and applications, as the management has decided that this is not a core task of our company. But now customers while audits complain that non employees gets "simple" access to our Intellectual Property (IP), i.e. the source code we manage in BItbucket, and that this is a security issue in our R&D process if source code is directly related to the customer, what is likely possible for specific customer customization's. Because of the missing Bitbucket functionality of encrypted storage of the source code on the server hard-disks we are no longer allowed to use Bitbucket for these projects and with this our R&D landscape is currently getting diverse again as it was before BItbucket. Our management is not thinking about in-sourcing again the server and application administration as someone might think about, no, instead they question the usefulness of Bitbucket as our source code management system because it cannot meet our security requirements to the extent desired. So please bring encryption at rest ( https://en.wikipedia.org/wiki/Data_at_rest ) also to your on-premise data center solutions, as this is a essential security feature that we as enterprise company absolutely need.

agarwva2 added a comment - 19/Feb/2020 11:10 PM

+1

agarwva2 added a comment - 19/Feb/2020 11:10 PM +1

Bitbucket Data Center

Encryption at rest for Bitbucket

Problem Definition

Suggested Solution

Why this is important

Bitbucket Data Center

Details

Description

Problem Definition

Suggested Solution

Why this is important

Attachments

Issue Links

Forms

Activity

[BSERV-12007] Encryption at rest for Bitbucket

Collapse comment: Justin Kalina added a comment - 27/Mar/2023 8:13 PM

Expand comment: Justin Kalina added a comment - 27/Mar/2023 8:13 PM

Collapse comment: Erik Liu added a comment - 17/Nov/2022 4:02 AM

Expand comment: Erik Liu added a comment - 17/Nov/2022 4:02 AM

Collapse comment: Idan Bidani added a comment - 28/Apr/2022 5:29 PM

Expand comment: Idan Bidani added a comment - 28/Apr/2022 5:29 PM

Collapse comment: John Norcross added a comment - 21/Sep/2021 2:56 PM

Expand comment: John Norcross added a comment - 21/Sep/2021 2:56 PM

Collapse comment: Michael Mohr added a comment - 01/Apr/2020 6:08 AM

Expand comment: Michael Mohr added a comment - 01/Apr/2020 6:08 AM

Collapse comment: agarwva2 added a comment - 19/Feb/2020 11:10 PM

Expand comment: agarwva2 added a comment - 19/Feb/2020 11:10 PM

People

Dates

Backbone Issue Sync