Easy Email Attachments
BDQ Migration Analyst
Attachment Manager
Real Signature
Real Signature
Jira
Backups and attachments
PII Services
BDQ’s new service can detect Personal Identifiable Information (PII) in text and attachments. We detect Personal Identifiable Information in Jira, Confluence and files.
It is ideal for audits, or for regular checks to ensure that organisations are not holding unauthorised data.
BDQ's PII Services help you make sure you only have the sensitive data you're supposed to have.
We live in a time where GDPR, personal identifiable information and sensitive data are much more than just buzz words. They are (or should be) very serious considerations for every company that uses and relies on IT systems... which is almost every company!
One security breach could leave your company vulnerable not only to loss of data and viruses, but also the embarrassing and possibly damaging need to explain to your customers/clients how their personal identifiable information came to be vulnerable. Especially if you thought that information had already been properly processed and removed from your systems.
However, with on-site and cloud systems that can run into gigabytes, terabytes or even more, plus the added complication of file attachments, how can you be sure that you have found and processed every item of PII? It is not unknown for Keys and Passwords to be included in Jira Issues and Confluence pages.
That's where BDQ PII Services comes in!
Not only can we find instances of PII within your system - including inside any attachments, and in your Jira and/or Confluence backups - we will show you the location of the the offending data and even categorize the data so that you can process the most serious items first.
Checking your systems for sensitive data and PII shouldn't be a one time deal. We recommend that you not only schedule regular PII Scans in order to keep on top of things, but also adding in extra scans before uploading/backing up to the Cloud or before transferring your data to another third party.
Regular scans can also help you identify patterns in how data is being used and saved by your employees. This can help Team Leaders and Managers discover weak links in the flow of PII within your company.
Cloud Migrations
When migrating your internal Jira/Confluence server to the Atlassian Cloud, this a great time to check that your current instances don’t contain sensitive/inappropriate data, before they are moved outside of your organisation.
BDQ can help you with this under our Cloud Migration Services. For more information →
.png?width=300&name=cloud-migration-services-w-shadow-300x300(3).png)
On-prem
Our PII Service can be run on site, behind your own firewall. This may be the only option for businesses with the strictest security requirements or concerns.
In the AWS Cloud
All of your data is held securely on a dedicated AWS Cloud instance. The default region is UK as that is where we are based but we can also run in whichever region you require. Plus all your data is deleted once the process is complete and you are satisfied our part is finished. Lastly, you retain full, permanent control over deleting the results.
Confluence
Backups and attachments
Folders of files
Dropbox, OneDrive, etc
+ custom sources
Talk to us, we can customise our service to suit your needs
How does it work?
We take backups of your Jira and Confluence instances, scan them and give you the results. This can be done as a one-off, for example in advance of migrations, or it can be run on a regular basis to monitor for new PII being introduced.
Your data can remain on-premise, behind your firewall or can be processed in a secure AWS instance in a region of your choosing.
PLUS: If there is a type of PII that you would like us to find that isn't on the list, get in touch. We can customise our service to meet your needs.
As Atlassian Solution partners, we often get asked how Atlassian approach PII, HIPAA, DGPR and sensitive data as a whole in products like Jira and Confluence. Atlassian do take security extremely seriously, to ensure that customer data is protected.
Below, we break down and give simple answers for those queries.
PII
It is Atlassian’s customers who store data in Atlassian’s services, and it is therefore customers who must make sure that they abide by PII rules, and do not store inappropriate data.
HIPAA
At the time of writing, in terms of Cloud services, only Jira Enterprise, and Confluence Enterprise are HIPAA compliant, and a signed Business Associate Agreement (BAA) with Atlassian will be required. Apps are not currently HIPAA compliant.
GDPR
The GDPR is really about protecting the data of EU residents. It is Atlassian’s customers who store data in Atlassian’s services, and it is therefore customers who must make sure that they abide by the GDPR’s rules, and do not store inappropriate data.
FOR MORE INFORMATION ON ALL ASPECTS OF PII, INCLUDING ATLASSIANS POSITION WITH LINKS TO MORE DETAILED ARTICLES, CHECK OUR OUR PERSONAL IDENTIFIABLE INFORMATION (PII) FAQ →
