While Jira offers flexible security and permission configuration to meet various project requirements, it doesn’t support field-level security due to the complexity discussed here.
Atlassian recommends a few workarounds, including using third-party apps like Secure Custom Fields for Jira. It lets you enhance the security needs for storing confidential data, and also works with advanced automation implementation.
In this article, we’ll show you a step-by-step guide to creating secure custom fields and how to customize them for specific use cases. You’ll also learn to set up secure workflow automation using the encrypted fields.
Create secure field types for more granular security permissions
Secure Custom Fields for Jira assures secure data management through Forge architecture, which adheres to industry security standards like GDPR compliance, ISO 27001 and SOC 2.
We built this app to give you more granular control over field-level security with Advanced Encryption Standard (AES) 256.
Using the app, you can flexibly configure Jira issues to grant necessary access for your teams while keeping confidential information hidden from unauthorized users.
For example, you can create a candidate profile inside the recruiting project, with sensitive data only accessible by HR personnel. So recruiters can still coordinate the hiring process with the hiring manager on the same board with some restrictions.
Please note that the app doesn’t have access to your system fields. Instead, it provides custom field types to store sensitive data.
Follow the video instructions below to get started (Jira admin access required):
- Create secure custom fields
- Apply view and edit permissions
- Configure the field if necessary (e.g. options for checkboxes)
You can also migrate standard custom fields to new secure field types, which can be very useful if you’re moving from Server to Cloud and want to replicate field restrictions.
Enable Jira automation with secure field data
Jira Automation is a powerful feature that allows users to streamline processes, reduce manual efforts, and ensure consistency in project management.
Using the app’s API, you can modify issues through automation rules. It’s like Jira REST API, but it returns decrypted values instead. This method allows secure access to these values, ensuring that sensitive information remains protected.
Here’s a quick tutorial video on setting up Web API for Jira automation integration:
Below are some examples of the most popular use cases for workflow automation:
1. Notify specific users when the secure field value is updated
For example, when an employee changes their phone number, the updated information (secure field) will be emailed to the team manager.
2. Update the secure field value when the task is transitioned to a specific status
For example, when a candidate ticket is moved to the In progress, you can automatically update the associated secure field
Do you have other use cases that you want to implement? Let us know, and we’ll be happy to assist you!
