Problem

When you access your Jira Cloud URL in your web browser, it defaults to https://example.atlassian.net/secure/Dashboard.jspa and shows you a lot of details without prompting for credentials.

As a Cloud administrator, you need to immediately lock this down visibility to valid users only. 

Cause

Content visible on the dashboard and gadgets like the activity stream are dependent upon the project permissions of that user to view those issues.  By restricting which Users/Groups/Roles can browse/view issues, this can help to control what data is visible on a dashboard.

Check the Project Permission scheme. The Browse Projects permission will include Public if this content is visible to anonymous users.

Resolution

1. Edit the Permissions of the Permission Scheme(s) in question
   • Jira Administration  > Issues > Permission Schemes
   • Keyboard Shortcut: g+g > Permission Schemes
2. Remove the role Public for the Browse Project permission.  Previous versions would refer to this as an Anyone group
   
   • Removing the Public role will restrict access to those issues only to users that can login to the site.  By default the role called 'Any logged in user' is commonly used to ease the ability to access issues when Jira is first setup.  As a Jira Admin you can choose to remove that role from the project as well for any other permissions as well for safe measure.  However if you do this, you need to make sure that users that should have access are granted that permission through another project role or group.
     

3. To test, use the Browsers In-Private/Incognito Mode or open another Web Browser to load the URL of your Cloud instance; you should be directed to the login prompt