Uploaded image for project: 'Jira Align'
  1. Jira Align
  2. JIRAALIGN-7425

Add Admin Setting to Prevent File Uploads in Jira Align Work Items

XMLWordPrintable

    • 1

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      Description:
      Currently, Jira Align does not offer an option to prevent users from uploading files to work items. This limitation poses several risks, especially for financial institutions that must adhere to strict data residency and security regulations.

      Steps to Reproduce:

      The users with any role with access to any work item in Jira Align can drop/upload a file there:
      For example: A user with the Integrated User Role accessing Program Room > More Items >Stories can See the Drop files button ** and attach any file to the Work Item.

      **

      Enhancement:
      Please add an admin setting to "hide" from users the ability to "Drop files or click to upload." This setting could be implemented in one of two ways:

      • As a detail panel setting to disable this functionality for specific work items.
      • As a global setting to hide all attachments across the platform.

      WHY:
      Financial institutions must carefully consider the risks associated with storing files in an enterprise cloud application, particularly those related to data residency and European regulations.

      1. PERFORMANCE: Large files can impact any application's performance. It is unclear at what point large files will affect Align's performance. If there is data or information you can provide indicating it has no performance impact, that would be useful to know.
      1. DATA RESIDENCY: Different countries (Europe in particular) have specific laws and regulations regarding where data can be stored and processed. Storing data in a location that does not comply with local laws can be problematic. If there is documentation you can provide on how Atlassian (Align in particular) handles data residency, that would be highly beneficial to address concerns.
      1. SECURITY RISK: Without the ability to control what users upload into Align, it is difficult to guarantee that files do not contain PII data or any sensitive data. Storing sensitive financial data in the cloud introduces several security risks that must be managed to protect against data breaches and cyberattacks. It does not help that there is no encryption on the files as indicated by JIRAALIGN-6688.

      This suggestion aims to enhance the security and compliance capabilities of Jira Align, making it more suitable for use in highly regulated industries.

       

        1. dropfiles1.png
          266 kB
          Thiago Gomes
        2. dropfiles2.png
          296 kB
          Thiago Gomes

              Unassigned Unassigned
              83a5277906a7 Thiago Gomes
              Votes:
              2 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated: