Objective

What are the Atlassian Cloud data security policies?

Environment

Cloud

Procedure

Atlassian relies on a slightly different sales model. In that, we do not have a traditional sales force who would normally be available to complete security assessments / schedule ad-hoc calls on our hosted security model nor a legal compliance team dedicated to approving of and/or co-signing individual questionnaires and security requirements.

Rather, we focus on standardizing our legal documents to make our security and hosted data policies publicly available, and applicable to all Cloud customers. In case you haven't already, make a note our full list of security statements and policies below:

Atlassian's Trust @ Atlassian site, which include:

• Atlassian Cloud security statement - Atlassian access to data, as well as specific information about our hosted infrastructure
• Trust & Security FAQ - specifics on encryption, available test results, and implementation of information standards.
• About Your Data - backup, retention and data storage
• Atlassian's Cloud Security Alliance CIAQ Submission, which includes answers to over 300 questions across 16 security domains which shows our alignment with industry standard security practices for delivering a Cloud Service.
• Atlassian's Security Management Program which details how we manage the implementation our Security Program.
• Atlassian's End User Agreement
• Privacy Policy Terms
• Service-specific Terms

Atlassian has worked to create the policies above in a manner to govern all of our hosted products for all clients. We cannot enter specific agreements - including completing individual security questionnaires on a per-customer basis. The benefit of this policy is that our buying process is simple and fair for all customers, and overhead costs (such as legal fees) are kept at a minimum so we can pass the savings onto our customers.

When complementary security dispositions become the main need, we advise hosting the Server version of our solutions either

• On your own infrastructure
• Or on a 3rd party Cloud hosting provider such as Amazon
• Or work with one of our official Atlassian partners ("Atlassian Experts") who can offer localized or custom managed hosting services with more flexibility.