Integrity checks performed by Jira Cloud Mobile app as part of mobile app policy

Platform Notice: Cloud - This article applies to Atlassian products on the cloud platform.

   

Summary

Jira users would like to understand more about the settings for the mobile app policy and how Jira performs the integrity checks and determines the compromised devices. This article will list down the steps and the integrity checks performed by Jira Cloud mobile app.

Environment

Jira Cloud.

Solution

How Jira Determines Compromised Devices:

Jira determines if a device is compromised through a series of integrity checks performed by the mobile app. These checks are designed to verify the security status of the device. If the device is found to be compromised, the user will be prevented from accessing your organization's content within the app. Specifically for Android devices, access to content requires Hardware-backed Keystore.

  • Key Points:
    • The mobile app runs integrity checks on the device.
    • If compromised, access is blocked to the organization's content.
    • Android devices need Hardware-backed Keystore for content access.
    • Atlassian regularly updates these checks to combat new exploits.

This process ensures that only secure, uncompromised devices can access sensitive organizational content, thereby protecting your data and infrastructure.

Our Block Compromised Device "series of checks" for iOS is checking certain paths on the device for jailbreaks that root the device. Usually these jailbreaks will add / alter certain files in these paths and we look for those to determine whether a user is using a jailbroken device or not. On Android side, Google has provided a library to be able to check for rooted devices and we use Google’s Play Integrity API here.

For your reference, here is the documentation related to the mobile app policy: Security settings in a mobile app policy 


Last modified on Jun 25, 2024

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.