Deterring Hackers - How Atlassian is Staying Secure Amidst the Rise of Ransomware Attacks

As early as next year, researchers expect 90% of global enterprises to rely on cloud-based infrastructure to support operations. But as the amount of sensitive data stored online grows, so do the threats to compromise it. Ransomware attacks, the practice of encrypting data and threatening to withhold or publish it unless the victim pays a fee, have surged in scale and complexity––this past year being a standout.

The spike in ransomware attacks that IT teams are experiencing today comes after a major breach detected on the US technology firm, SolarWinds. This attack has been classified as the largest and most sophisticated cyber attack to date, impacting roughly 100 companies and a dozen government agencies, including the Pentagon.

Now, companies are doubling down on cybersecurity. Following the SolarWinds attack, Check Point Research (CPR) investigated Atlassian for security threats to proactively protect its 180,000+ customers’ data. The team identified vulnerabilities within its Jira and Confluence products that were attributed to the use of single-sign-on, and applied a solution to eliminate risk. Here’s how Atlassian is continuing to keep its users’ data protected, and how by working with an Atlassian Platinum Partner, like Contegix, IT teams can leverage Atlassian products with added levels of compliance and security.

Mitigating Security Risks like Single-Sign-On

To keep users’ data safe, Atlassian deploys nine different security teams responsible for everything from detecting and responding to security incidents ensuring employers and partners understand how to operate securely. Atlassian also runs additional programs including its Red Team Program and Bug Bounty Program to work proactively against security threats like ransomware attacks. 

The Red Team Program is an internal group of experts whose responsibility is to hack Atlassian’s own products to improve resilience against sophisticated attacks. This team works to maximize Atlassian’s understanding of existing risks, identify opportunities to bolster security and make changes according to identified vulnerabilities from the inside.

The Bug Bounty Program enables teams of outside researchers to test products and identify security vulnerabilities. This program is a collaborative effort between Atlassian team members and research teams, like CPR. Researchers select a project from a scope of websites and servers Atlassian prioritizes. Then, researchers act as hackers to identify risk areas from the outside. In exchange, Atlassian provides payment associated with the risk level of a vulnerability a team uncovers.

Both processes represent a proactive approach to keep user data protected from new threats such as ransomware.

Where an Atlassian Premium Solutions Partner Provides Support

While Atlassian works diligently to apply security measures across every angle of its products, IT professionals have a shared responsibility to ensure their own clients' data is secure. And as the severity and complexity of threats evolve, data protection becomes an increasingly demanding responsibility on top of existing internal duties.

IT teams can find support from an Atlassian Platinum Solutions Partner, like Contegix, to better understand the entire breadth of existing security procedures Atlassian executes––and where their own teams can add additional layers of protection internally.

Our team at Contegix can assist with planning, deploying and optimizing Atlassian implementation to bolster security through infrastructure and strategy. Our experts work to understand a team’s business objectives, and build a roadmap to deploy Atlassian products inline with strategic goals and regulatory requirements. We can also configure plugins, perform migrations or conduct any necessary troubleshooting involved during implementation.

Our U.S.-based team of support engineers can also proactively monitor IT teams’ Atlassian applications and communicate any risks or incidents as they arise. Our team specializes in server and data center deployments, and has certifications including FedRAMP, HIPAA, PCI and more. As such, Contegix is equipped to mitigate risks across even the most regulated industries.

Learn more about our Atlassian Solutions, and how we can help you secure your deployment.