Fulstech - Jira and Confluence Add-on Developer
ProductsSecurity PolicyPrivacy PolicyEULASLA
  • 🏠Home
  • Markdown
    • Markdown Editor for Jira (Markin)
      • Jira Cloud
        • Overview
        • Create a Markdown-enabled Custom Field
        • Markdown Syntax
        • Support
      • Jira Data Center and Jira Server
        • Overview
        • Create a Markdown-enabled Field
        • Markdown Syntax
        • Migrate to Jira Cloud
        • Support
    • Markdown for Confluence
      • Confluence Cloud
        • Overview
        • Usage
        • Support
  • LaTeX
    • LaTeX for Jira - Math Editor
      • Jira Cloud
        • Overview
        • Usage (with browser extension)
        • Usage (without browser extension)
        • Support
      • Jira Data Center and Jira Server
        • Overview
        • Usage
        • Support
    • LaTeX for Confluence with Math Editor and Plotting
      • Confluence Cloud
        • Overview
        • Usage
        • Migrate from Confluence Server and Confluence Data Center
        • Support
      • Confluence Data Center and Confluence Server
        • Overview
        • Usage (from version 4.0.0)
        • How to install TeX Live
        • Migrate to Confluence Cloud
        • Troubleshooting "Unknown macro" error
        • Support
        • (Deprecated) Usage (for version older than 4.0.0)
  • Whiteboarding and Diagramming
    • Mermaid UML Diagrams and Graphviz Diagrams for Jira
      • Jira Cloud
        • Overview
        • Usage
        • Support
      • Jira Data Center and Jira Server
        • Overview
        • Usage
        • Announcement of the Data Center version
        • Support
    • Excalidraw for Jira
      • Jira Cloud
        • Overview
        • Usage
        • Support
    • Excalidraw for Confluence - with Mermaid, PlantUML, and Graphviz
      • Confluence Cloud
        • Overview
        • Usage
        • Support
      • Confluence Data Center and Confluence Server
        • Overview
        • Usage
        • Support
    • PlantUML, Mermaid UML, Graphviz: UML Diagrams for Confluence
      • Confluence Cloud
        • Overview
        • Usage
        • Support
      • Confluence Data Center and Confluence Server
        • Overview
        • Usage
        • Support
    • Mind Mapping for Confluence
      • Confluence Cloud
        • Overview
        • Usage
        • Support
    • User Flow (Wireflow) for Confluence
      • Confluence Cloud
        • Overview
        • Usage
        • Support
  • Custom Fields
    • Table Custom Field for Jira Cloud
      • Overview
      • Usage
      • Support
    • JEditor-compatible custom field for Jira Cloud
      • Jira Cloud
        • Overview
        • Create a JEditor-compatible Custom Field
        • Migrate to Jira Cloud
        • Support
    • Checklist for Jira Server
      • Overview
      • Usage
      • Support
  • Security Policy
  • Privacy Policy
  • End User License Agreement
  • Service Level Agreement (SLA)
  • Archived Apps
    • Better font for Jira Server
      • Overview
      • Usage
      • Support
Powered by GitBook
On this page
  • Purpose
  • Policy
  • Software Development Security
  • Data Security
  • Access Control
  • Authentication and Authorization
  • Incident Response
  • Policy Compliance
  • Compliance Measurement
  • Exceptions
  • Non-Compliance
  • Policy Review

Was this helpful?

Security Policy

Purpose

The purpose of this policy is to establish standards and guidelines for the development, implementation, and maintenance of our apps to ensure the security, confidentiality, integrity, and availability of our services to our customers.

Policy

Software Development Security

  • We will follow secure coding practices, including regular code reviews and vulnerability scans, to prevent security vulnerabilities. Tools and techniques such as static code analysis or SAST (Static Application Security Testing) will be utilized.

  • We will promptly address any discovered vulnerabilities, prioritizing based on severity.

  • We will ensure that all code and dependencies are up-to-date and regularly checked for known security vulnerabilities.

Data Security

  • All customer data will be encrypted both at rest and in transit using industry-standard encryption protocols.

  • Access to customer data will be strictly limited to necessary cases, and all access will be logged and auditable.

Access Control

  • We will adopt a least privilege policy, where access rights are granted based on the minimum permissions required to perform job functions.

  • Regular audits will be conducted to ensure unnecessary access rights are revoked.

Authentication and Authorization

  • We will implement strong authentication mechanisms such as two-factor authentication.

  • We will implement strict role-based access control mechanisms to restrict access to sensitive information and systems.

Incident Response

  • We will establish an incident response plan to handle any security incidents promptly and effectively.

  • This includes procedures for identifying, investigating, mitigating, and reporting incidents.

Policy Compliance

Compliance Measurement

  • We will conduct regular audits to ensure compliance with this policy.

Exceptions

  • Any exception to this policy must be approved by both members of the workshop.

Non-Compliance

  • Any non-compliance with this policy will be taken seriously and could lead to disciplinary action.

This policy will be reviewed and updated regularly to ensure it remains relevant and effective in managing our information security risks.

Policy Review

This policy will be reviewed annually or whenever significant changes to our operations or the threat landscape occur.

PreviousSupportNextPrivacy Policy

Last updated 1 year ago

Was this helpful?