McAfee, the device-to-cloud cybersecurity company, announced a collaboration with Atlassian, provider of team collaboration and productivity software, to bring advanced data security and threat protection to common customers looking to accelerate their move to the cloud. As a result of this collaboration, Atlassian customers can now leverage the power of McAfee MVISON Cloud to apply their security policies to their use of Atlassian services. MVISION Cloud provides visibility and control for Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS), and Infrastructure-as-a-Service (IaaS) environments, across Content Management systems and DevOps environments, via a unified security platform which helps customers get comprehensive control over their cloud services from managed and unmanaged devices.
As more organizations move their operations to the cloud and to remote work environments, they must evolve their security measures to meet the challenges of unintentional data uploads, device usage outside traditional network parameters, insider threats from rogue employees, application misconfiguration and more. Further, industry analyst firm Gartner warns that, “through 2025, 99 percent of cloud security failures will be the customer’s fault.”1 This has caused enterprises to look for ways to enforce additional security controls on their cloud solutions beyond Software-as-a-Service (SaaS) or Infrastructure-as-a-Service (IaaS).
Through integration efforts with McAfee, Atlassian customers can now use MVISION Cloud to help securely accelerate their business in the following ways:
- Prevent sensitive or regulated data from being uploaded or shared with unauthorized parties while using Atlassian’s Jira Software or Confluence Cloud products.
- Limit downloading or syncing to unmanaged devices and gain total control over user access to Jira Software Cloud and Confluence Cloud by enforcing context-specific access policies.
- Provide ability to capture the complete audit trail of all user activity enriched with threat intelligence to facilitate post incident forensic investigations. MVISION Cloud detects threats from compromised accounts, insider threats, privileged access misuse and malware infection.
- Detect and remediate against misconfigurations and configuration drift in Atlassian’s Bitbucket Cloud and Bamboo products from standard benchmarks such as CIS and NIST or custom configuration policies.
Shared Right: Shared Responsibility Between Customers and Cloud Providers
Atlassian’s cloud tools are mission critical to customer businesses. One of the reasons that 99% of issues are expected to be attributed to the customer, is that while cloud providers (like Atlassian), have invested very heavily in security and have directly addressed core challenges that an on-prem solution may cause, their customers may be much earlier on in their security journey. Here’s where McAfee MVISION Cloud steps to help customers deliver on their share of the cloud security responsibility.
Shift Left: Securing DevOps to deliver DevSecOps
Atlassian is making it easier for developers to build and operate secure products, while responding to security incidents more quickly and effectively. McAfee MVISION Cloud integrates security for Atlassian services into DevOps toolchains to deliver on the promise of DevSecOps and enable organizations to rapidly deploy infrastructure, workloads, and applications while meeting their security and regulatory compliance best practices. This “Shift Left” integration seamlessly incorporates security checks without any friction to or burden on the developers or DevOps teams.
“Organizations of all sizes are looking for security solutions that enable their business to securely leverage cloud services,” said Rajiv Gupta, senior vice president and general manager of Cloud Security, McAfee. “Our collaboration with Atlassian helps organizations deliver on their share of the cloud security responsibility, while providing them with the ability to “Shift Left” in a seamless manner that deploys the right security configurations without burdening developers or DevOps teams.”