Jira
monday.com
Data security is top of mind for enterprises as Atlassian phases out Server support and shifts to Cloud. Is your organization ready for the change?
In February 2024, Atlassian officially ended Server support, leaving enterprises with two primary options: migrate to Cloud or Data Center. As Atlassian doubles down on its Cloud-first strategy, businesses must act quickly to protect their data, comply with regulations, and maintain operational continuity.
Atlassian Cloud offers robust data residency options with regions in the U.S., Europe, Australia, and more. Coupled with apps built on Forge organizations can confidently address compliance and security needs while optimizing workflows.
This article explores Atlassian’s data residency features, the benefits of Forge apps, and how Smart Tools help enterprises stay secure in this evolving landscape. Whether you’re migrating from Server or improving your Cloud setup, understanding data residency is key to protecting your business and staying ahead in 2024.
Understanding Atlassian Data Residency
What is data residency?
Data residency refers to the practice of storing data in specific geographic regions to meet regulatory, legal, and business requirements.
When a company leaves its in-house self-maintained server for the cloud, it means that it puts its trust in a remote data center maintained by a provider who is equipped with state-of-the-art hardware and security (Atlassian Cloud happens to use AWS).
Most large cloud providers have dozens of data centers in various locations all over the world. The exact location of your data within these centers is referred to as local data residency.
With the option of local data residency, your organization can prevent your information from leaving the confines of your determined location. For enterprises operating in industries with strict compliance standards—like finance, healthcare, and government—data residency is a necessity.
Data Residency and Compliance Requirements
Data residency has become a critical factor for enterprises especially in regulated industries like finance, healthcare, and government. It allows companies to store sensitive information in specific geographic regions, meeting compliance requirements such as:
- GDPR (EU): Governs data protection and privacy for individuals in the European Union. Official text – Regulation (EU) 2016/679
- India’s DPDP Act (2023): Sets strict rules for data handling and localization. Official text – Digital Personal Data Protection Act 2023
- Health Insurance Portability and Accountability Act (HIPAA) – United States: Set the rules for protection of personal health information. Official text – Health Insurance Portability and Accountability Act of 1996
- FISMA (US): Requires federal data to remain within the U.S. Official text – Federal Information Security Management Act of 2002
- Australia’s Critical Infrastructure Rules: May enforce local data storage. Overview Security of Critical Infrastructure Act 2018
- Canada (PIPEDA): Local storage required for public-sector data in provinces like BC and Nova Scotia. Official text – Personal Information Protection and Electronic Documents Act
- Brazil’s LGPD: Allows data transfers under specific compliance rules. Official text – Lei Nº 13.709, de 14 de Agosto de 2018
- UAE and Saudi Arabia: Enforce local storage for financial and health-related data. Official text – Federal Decree-Law No. 45 of 2021 and overview – Data Protection Law – Saudi Arabia
Note
Please note that while HIPAA primarily focuses on the protection of health information, it does not explicitly mandate data residency requirements. It’s advisable to consult with legal experts to understand the specific implications of these laws on data residency for your organization.
Data residency helps enterprises meet these regulations while mitigating the risk of legal penalties and maintaining customer trust.
Regulations such as GDPR in Europe and CCPA in California determine where and how companies handle personal and sensitive data. Beyond compliance, data residency supports sovereignty, ensures faster access for local teams, and safeguards business in case of region-specific disruptions.
Atlassian’s Data Residency Features
Atlassian offers data residency capabilities as part of its Cloud platform, enabling organizations to choose where their data is stored. Currently, supported regions include the U.S., Europe, Australia, and more, with additional locations being rolled out to meet global demand. To explore the latest updates on available regions, refer to Atlassian’s data residency documentation.
If you would like to keep up with the latest developments in Atlassian Cloud make sure to subscribe to Cloud Roadmap for quarterly reports on upcoming features, updated time frames, data residency announcements, and much more.
Key benefits of Atlassian’s data residency include:
- Regulatory Compliance: Align with laws like GDPR and HIPAA to reduce legal risks.
- Optimized Performance: Improve speed and reliability for regional users.
- Security Through Atlassian Infrastructure: Data is stored and processed within Atlassian’s secure cloud infrastructure, reducing reliance on third-party hosting.
- Streamlined Collaboration: Teams across multiple regions can work together confidently, knowing their data management meets compliance standards.
With data residency embedded in Atlassian’s Cloud, enterprises can confidently meet local compliance requirements.
Why Choose Atlassian Cloud?
Atlassian Cloud has become the go-to solution for enterprises transitioning from Server, offering flexibility and scalability tailored to businesses of all sizes. The Cloud platform supports up to 50,000 users per Jira instance, making it suitable for large-scale operations.
Advantages of Atlassian Cloud
1. Simplified IT management
Migrating to Atlassian Cloud eliminates the need for self-hosted servers and infrastructure maintenance. IT teams can shift their focus from managing hardware to driving innovation and improving processes.
2. Built-In Security & Compliance
Data hosted on Atlassian Cloud is backed by AWS, one of the most secure cloud providers in the industry. This includes advanced redundancy capabilities, data encryption, and compliance with global standards like GDPR, SOC 2 and ISO 27001.
3. Scalability for Growing Teams
Cloud scales effortlessly with your business, accommodating up to 50,000 users per Jira instance. Flexible pricing tiers (Free, Standard, Premium, Enterprise) ensure solutions for all organization sizes.
4. Access to AI Tools
Atlassian Cloud offers cutting-edge AI and machine learning capabilities, such as automated suggestions for tasks, project tracking, and workflow improvements, empowering teams to work smarter.
5. Global Accessibility
With data centers across regions like the U.S., Europe, and Australia, Atlassian Cloud optimizes latency and supports geographically distributed teams. Check updated regions.
Challenges to Consider with Atlassian Cloud
- Customizability Constraints: While Cloud simplifies operations, some businesses may find its customization options limited compared to Data Center.
- Security Considerations: Though Atlassian Cloud offers robust security features, organizations need to carefully evaluate their security requirements. This includes understanding access controls, encryption standards, and compliance certifications. Teams should also consider how third-party apps and integrations might impact their security posture.
- Data Residency Gaps
Certain regions may lack data residency options, presenting challenges for highly regulated industries. Atlassian continues to expand its supported regions to address these concerns. - Storage and Performance Limitations
Standard Cloud tiers provide 250 GB of storage, which may require upgrading to Premium or Enterprise for unlimited storage.
Atlassian Cloud is an excellent solution for enterprises seeking agility, security, and scalability. Businesses can determine whether this SaaS platform aligns with their operational and compliance needs, weighing the advantages against potential challenges.
To better understand how Cloud compares to Data Center for your organization’s needs, explore Atlassian Data Center vs Cloud.
Cloud Tiers: Free, Standard, Premium, Enterprise (Brief Overview)
Atlassian Cloud offers a range of Jira Cloud plans to meet the needs of organizations of all sizes.
- Free: Best for small teams or individual users. Includes basic features and up to 10 users.
- Standard: Supports growing teams with advanced functionality, accommodating up to 50,000 users per site.
- Premium: Designed for larger teams with complex needs, offering features like advanced roadmaps and unlimited storage.
- Enterprise: Tailored for large enterprises requiring multi-site management, the highest level of support, and strong compliance with industry standards.
Here’s what sets the Enterprise plan apart:
- Multi-Site Management: Supports up to 150 sites
- Advanced Security Features: Includes Single Sign-On (SSO) with SAML, SCIM provisioning, and Active Directory Sync
- Centralized Licensing: Offers a per-user licensing model across all sites
- Compliance and Support: Designed to meet the requirements of regulated industries, with access to 99.95% uptime SLA and 24/7 dedicated enterprise-level support
Cloud pricing includes ongoing fees based on the number of users and the selected tier (e.g., Free, Standard, Premium, or Enterprise).
This approach provides scalability and access to regular updates, but businesses should carefully evaluate their long-term budget to align it with their financial plans. Use the Atlassian Cloud Pricing Calculator to estimate costs tailored to your needs.
Forge Apps and Data Residency: A New Standard for Secure App Development
Atlassian continues to evolve its Cloud ecosystem with Forge, a serverless app development platform designed to align with the modern demands of data residency, security, and compliance.
What is Forge?
Forge is Atlassian’s next-generation platform for building apps that seamlessly integrate with Atlassian Cloud. Unlike older systems like Connect, Forge provides a secure environment where data can be processed and stored entirely within Atlassian’s infrastructure.
Key Features of Forge:
- Serverless Architecture: Developers focus on building app functionality without worrying about managing servers.
- Data Residency Compliance: Apps developed on Forge can align with Atlassian’s Cloud data residency policies.
- Security by Design: Forge apps are inherently secure, with data processing confined to Atlassian’s infrastructure, reducing risks associated with external data egress.
How Forge Supports Data Residency
Forge supports data residency by seamlessly integrating with Atlassian Cloud. This capability allows organizations to build custom apps that comply with regional regulations, ensuring that data is stored and processed within the required jurisdictions.
Key Advantages:
- Regulatory Alignment: Forge apps adhere to Atlassian’s Cloud data residency policies, enabling compliance with laws like GDPR or CCPA. For more details, refer to Atlassian’s data residency documentation.
- Custom App Development: Forge enables developers to create apps tailored to specific regional requirements without compromising on compliance or security. Learn more about Forge’s architecture here.
- Strong Security Standards: Forge apps without data egress qualify for the “Runs on Atlassian” badge, ensuring that data does not leave Atlassian’s ecosystem. Enterprises can confidently use these apps without conducting separate security assessments, as Atlassian guarantees the app’s compliance and security standards.
- Simplified App Management: Forge streamlines app deployment and maintenance. Updates and fixes are automatically managed within Atlassian’s infrastructure, reducing administrative overhead for IT teams.
- Data Residency Pinning and Migration: Forge aligns app data storage with the host product’s data residency settings, giving enterprises control over where their app data is stored. Forge apps using Atlassian’s hosted storage automatically inherit the data residency settings of their associated Atlassian product (e.g., Jira, Confluence).
Note
For pinned products, app data will be stored in the same region as the host product. If the product is not pinned to a specific region, the app data will follow the location of the product’s primary database. Admins will also see the “pinned” status of eligible apps in admin.atlassian.com. If a host product is migrated to a different region, the associated Forge app data will automatically migrate to the same location, maintaining consistency and compliance without manual intervention. For more details, read Atlassian’s Forge changelog.
How Apps Work in Atlassian Cloud
Apps in Atlassian Cloud operate within two primary frameworks: Connect and Forge. Connect apps often rely on vendor-hosted data with limited control over residency options. Forge offers a modern, secure alternative, aligning seamlessly with Atlassian’s data residency policies.
Forge apps store and process data within Atlassian’s infrastructure. This supports compliance with data residency requirements in specific regions. Enterprises can manage sensitive data securely, maintaining app functionality simultaneously.
Connect Apps (Legacy Approach)
- Data Hosting: Typically hosted by vendors outside Atlassian infrastructure.
- Data Residency:
- Some apps allow end-users to choose their data residency region.
- Many apps do not support data residency options—Smart Tools by TitanApps currently operate in this category.
- Drawback: Higher complexity for compliance with regulations like GDPR due to external hosting.
Forge Apps (Modern Approach)
- Without Data Egress:
- Apps process and store all data within Atlassian infrastructure, qualifying for the “Runs on Atlassian” badge.
- For more about “Runs on Atlassian”, check the official Atlassian blog.
- Apps can also achieve “Pinned” status, providing additional visibility in Jira – check Atlassian documentation for details.
- With Data Egress:
- Some Forge apps may still process data on the vendor’s infrastructure.
- These apps must meet stricter compliance standards to align with Atlassian’s policies.
Introducing the ‘Runs on Atlassian’ Badge: A New Benchmark for App Security
The “Runs on Atlassian” badge signals that an app is hosted entirely within Atlassian’s infrastructure with no data egress. Atlassian introduced the “Runs on Atlassian” badge to increase transparency and help customers identify Forge apps that:
- Process and store all data within Atlassian’s infrastructure.
- Support data residency automatically across all Atlassian-supported regions.
This badge simplifies the procurement process for enterprise customers, particularly in regulated industries like finance and healthcare, where data sovereignty is critical. Please see the prototype of “Runs on Atlassian” badge on the image below (it is subject to change).
The badge is programmatically applied to eligible apps, with no application process required from partners. It will roll out to Marketplace customers in Q2 2025, marking a significant milestone in app trust and security. Apps can qualify for one or both badges, depending on their architecture and operational practices.
Benefits of the Badge for Customers and Partners
- Customers gain confidence knowing their data stays within Atlassian’s secure ecosystem.
- Enterprises can skip lengthy security assessments, knowing apps meet Atlassian’s strict criteria.
- Marketplace filters will allow customers to identify “Runs on Atlassian” apps quickly.
The introduction of this badge underscores Atlassian’s commitment to building a secure, transparent, and trusted ecosystem for its customers and partners.
For more details about the “Runs on Atlassian” badge and its requirements, check out Atlassian’s official blog post.
Data Residency and Smart Tools by TitanApps
Smart Tools are designed for secure and compliant project management within Atlassian Cloud. They help teams streamline workflows while maintaining compliance with data residency regulations.
As Atlassian transitions to Forge, Smart Checklist and Smart Templates are preparing for a major upgrade. By February, 2025, Smart Checklist will complete migration to Forge without data egress.
This means all data will be processed entirely within Atlassian’s infrastructure, meeting stringent security and compliance standards. This update also positions Smart Checklists to qualify for Atlassian’s “Runs on Atlassian” badge, demonstrating the highest level of data protection for users.
For organizations migrating from Atlassian Server or Data Center to Cloud, Smart Checklists offer seamless migration support. You can explore the full comparison of Cloud, Server, and Data Center options here. Additionally, learn how to migrate checklists from Jira Server/Data Center to Jira Cloud with this detailed guide.
Note: What transfer to Forge means for TitanApps customers
1. Moving to Forge without data egress, Smart Checklists will gain the “Runs on Atlassian” badge, signaling compliance and improved security for enterprise customers.
2. This transition demonstrates a commitment to staying at the forefront of Atlassian’s app ecosystem, ensuring a secure and compliant experience for all users.
3. No effort is required from customer end, the app will just update to the new version
Benefits of Data Residency for Enterprises
Compliance
Data residency aligns organizations with strict regulations such as GDPR in Europe and HIPAA in the United States. These laws govern data storage and processing, making compliance essential for avoiding legal penalties and maintaining data sovereignty. For further details, refer to Atlassian’s data protection overview.
Improved Performance
Hosting data in geographically relevant regions minimizes latency, enhancing system responsiveness for teams across the globe. By strategically selecting data residency locations, businesses can optimize workflows and improve user experiences.
Increased Trust
Meeting regulatory requirements boosts confidence among clients and stakeholders. Demonstrating a commitment to data security and governance enhances an organization’s reputation and strengthens long-term relationships.
Best Migration Practices to Cloud
Start Early
Migration requires thorough planning to identify potential risks and ensure compliance. Begin by auditing your current setup to evaluate necessary adjustments and areas requiring optimization.
Use Atlassian’s Migration Support
Atlassian offers comprehensive migration resources, including subsidies and free trials. For example, you can explore the Atlassian Cloud Migration Trial to familiarize your team with the Cloud environment and test processes before making the switch.
Partner with Experts
Collaborating with trusted Atlassian Solution Partners can ease complex transitions. They provide customized guidance for your unique requirements. Review Atlassian’s official migration guide for additional insights and recommendations.
Steps to Enable Data Residency in Atlassian
Step 1: Evaluate Compliance Needs
Determine whether Cloud or Data Center is the best option for your organization based on regional regulations, operational needs, and governance requirements. Learn more about Atlassian’s hosting models here.
Step 2: Configure Data Residency Settings
Set up data residency settings in Atlassian Cloud to define where your data is hosted. Detailed instructions are available in Atlassian’s data residency configuration guide.
Step 3: Utilize Forge Apps for Custom Solutions
Forge apps offer an ideal solution for maintaining compliance across jurisdictions. Use Forge’s built-in capabilities to keep data stored and processed within Atlassian’s infrastructure. For more details on Forge and its capabilities, refer to Atlassian’s Forge documentation.
Data Residency in Atlassian: A Secure Future for Enterprises
Atlassian’s data residency and Forge apps provide a strong foundation for meeting global compliance requirements. Smart Tools like Smart Checklists and Smart Templates by TitanApps add secure and efficient ways to manage projects in the Cloud. These solutions help organizations stay compliant, improve performance, and build trust with clients and stakeholders.
