2021 Q3 Data Processing Addendum assessment

Audit date: 06 October 2021

Category Activity Scope Status of the internal audit
Product Development Environment Product Team Workstations

  • Updated Virus Protection

  • Full Disk Encrytion

  • No unauthorized access

Product Team Workstations

We have validated the notebooks of all of our 15 product team members.
Source Code Management System

  • Login access is restricted only to authorized persons

  • Only minimal permissions are granted

  • No unauthorized access

Bitbucket Cloud - META-INF

Source code management and Build system to store and build the code of our applications.

Permissions

  • Admin : Can create, delete repositories and modify repository settings.

  • Write : Can push and merge source code modifications and trigger manual build pipelines.

  • Read : Can pull source code, read build logs and pull requests.

Repository1

  • Admin
    1 DevOps Engineer
    2 Product Owner
  • Write
    6 Software Developer ( 1 Contractor )
    1 Product Owner

Repository2

  • Admin
    1 DevOps Engineer
    2 Product Owner
  • Write
    6 Software Developer ( 1 Contractor )
    1 Product Owner

Repository3

  • Admin
    1 DevOps Engineer
    2 Product Owner
  • Write
    6 Software Developer ( 1 Contractor )
    1 Product Owner

Repository4

  • Admin
    1 DevOps Engineer
    2 Product Owner
  • Write
    6 Software Developer ( 1 Contractor )
    1 Product Owner

Repository5

  • Admin
    1 DevOps Engineer
    2 Product Owner
  • Write
    6 Software Developer ( 1 Contractor )
    1 Product Owner

Repository6

  • Admin
    1 DevOps Engineer
    2 Product Owner
  • Write
    1 DevOps Engineer
    6 Software Developer ( 1 Contractor )
    2 Test Engineer
    1 Product Owner
    1 Technical Account

Repository7

  • Admin
    1 DevOps Engineer
    2 Product Owner
  • Write
    1 DevOps Engineer
    6 Software Developer ( 1 Contractor )
    2 Test Engineer
    1 Product Owner

Repository8

  • Admin
    1 DevOps Engineer
    2 Product Owner
  • Write
    1 DevOps Engineer
    6 Software Developer ( 1 Contractor )
    2 Test Engineer
    1 Product Owner

Repository9

  • Admin
    1 DevOps Engineer
    2 Product Owner
  • Write
    1 DevOps Engineer
    6 Software Developer ( 1 Contractor )
    2 Test Engineer
    1 Product Owner

Artifact Management System

  • Login access is restricted only to authorized persons

  • Only minimal permissions are granted

  • No unauthorized access

Jfrog Artifactory

Artifact management system to store the build logs and artifacts of your application.

Permissions

  • Admin : Can create, delete repositories and modify repository settings.

  • Write : Can upload, delete, overwrite (in snapshot repositories) artifacts.

  • Read : Can list, download artifacts.

Repository1

  • Admin
    1 DevOps Engineer

  • Write
    1 Technical Account

  • Read
    2 DevOps Engineer
    6 Software Developer ( 1 Contractor )
    2 Test Engineer
    1 Product Owner

Repository2

  • Admin
    1 DevOps Engineer

  • Write
    1 Technical Account

  • Read
    2 DevOps Engineer
    6 Software Developer ( 1 Contractor )
    2 Test Engineer
    1 Product Owner
Staging Environment AWS Staging Environment

  • Cloud Console access is restricted only to authorized persons

  • SSH access is protected by keys and MFA

  • Database access is possible only from the internal network

  • Kubernetes access is possible only from the internal network

  • Only minimal permissions are granted

  • No unauthorized access

AWS Stage

Separated AWS Account for the Stage resources.

Permissions

  • Admin : Can list, create, delete, modify AWS resources.

  • Container Image Admin : Can list, create, delete, modify (in snapshot repositories) Docker images.

  • Container Image Read : Can list Docker images.

  • S3 Backup : Can list, create, delete, modify items in the Backup S3 Bucket.

  • Stage Deploy : Can list, create, delete, modify Kubernetes resources and list Docker images.

  • Admin
    1 DevOps Engineer
    3 Infrastructure Engineer ( 3 Contractor )
    1 Software Developer

  • Container Image Admin
    1 Technical Account

  • Container Image Read
    1 Technical Account

  • S3 Backup
    1 Technical Account

  • Stage Deploy
    2 Software Developer ( 1 Contractor )

AWS Stage Bastion

EC2 instance to access the Stage internal network and databases.

Permissions

  • Root : Can administer Linux OS.

  • User : Can log in and access the internal network of the Staging environment.

  • Root
    1 DevOps Engineer
    1 Infrastructure Engineer ( 1 Contractor )

  • User
    1 DevOps Engineer
    2 Infrastructure Engineer ( 2 Contractor )
    3 Software Developer ( 1 Contractor )
    1 Test Engineer
    1 Technical Account
Production Environment

AWS Production Environment

  • Cloud Console access is restricted only to authorized persons

  • SSH access is protected by keys and MFA

  • Database access is possible only from the internal network

  • Kubernetes access is possible only from the internal network

  • Only minimal permissions are granted

  • No unauthorized access

AWS Prod

Separated AWS Account for the Prod resources.

Permissions

  • Admin : Can list, create, delete, modify AWS resources.

  • Container Image Admin : Can list, create, delete, modify (in snapshot repositories) Docker images.

  • Prod Deploy : Can list, create, delete, modify Kubernetes resources and list Docker images.

  • Admin
    1 DevOps Engineer
    1 Infrastructure Engineer ( 1 Contractor )
    1 Software Developer

  • Container Image Admin
    1 Technical Account

  • Prod Deploy
    2 Software Developer ( 1 Contractor )

AWS Prod Bastion

EC2 instance to access the Prod internal network and databases.

Permissions

  • Root : Can administer Linux OS.

  • User : Can log in and access the internal network of the Production environment.

  • Root
    1 DevOps Engineer
    1 Infrastructure Engineer ( 1 Contractor )

  • User
    3 Software Developer ( 1 Contractor )
    1 Technical Account

Log Analysis and Monitoring

Datadog Loggin and Monitoring System

  • Login access is restricted only to authorized persons

  • Only minimal permissions are granted

  • No unauthorized access

Datadog

Log management and monitoring tool for our staging and production applications.

Permissions

  • Admin : Can administer all resources. Can not delete logs.

  • Write : Can read, create, delete, modify monitors, dashboards. Can read logs.

  • Read : Can read monitors, dashboards, logs.

  • Admin
    1 DevOps Engineer
    1 Software Developer
    1 Technical Account

  • Write
    1 DevOps Engineer
    1 Software Developer ( 1 Contractor )

  • Read
    1 Infrastructure Engineer ( 1 Contractor )
    4 Software Developer
    2 Test Engineer
    3 Support Agent
    3 Product Owner

In-depth expertise, knowledge transfer and Atlassian apps from the highest-level Atlassian partner.

Solutions
ITSM
Jira Audit
Cloud Migration
Enterprise Service Management
Services
Atlassian Consulting
Atlassian Licenses
Atlassian Training
Atlassian Support
Email This Issue Services
Apps
Email This Issue for Jira
Glass Documentation for Jira
Content Exporter for Confluence
Advanced Content Navigator for Confluence
About META-INF
Meet the team
Partner Program
Let's Partner Up
Career
Contact

© 2007 - 2024 META-INF, Atlassian Platinum Solution Enterprise Partner & Platinum Marketplace Partner. All rights reserved.

Privacy Policy

2021 Q3 Data Processing Addendum assessment

Jogi dokumentumok2021 Q3 Data Processing Addendum assessment
Tartalom

Audit date: 06 October 2021

Category Activity Scope Status of the internal audit
Product Development Environment Product Team Workstations

  • Updated Virus Protection

  • Full Disk Encrytion

  • No unauthorized access

Product Team Workstations

We have validated the notebooks of all of our 15 product team members.
Source Code Management System

  • Login access is restricted only to authorized persons

  • Only minimal permissions are granted

  • No unauthorized access

Bitbucket Cloud - META-INF

Source code management and Build system to store and build the code of our applications.

Permissions

  • Admin : Can create, delete repositories and modify repository settings.

  • Write : Can push and merge source code modifications and trigger manual build pipelines.

  • Read : Can pull source code, read build logs and pull requests.

Repository1

  • Admin
    1 DevOps Engineer
    2 Product Owner
  • Write
    6 Software Developer ( 1 Contractor )
    1 Product Owner

Repository2

  • Admin
    1 DevOps Engineer
    2 Product Owner
  • Write
    6 Software Developer ( 1 Contractor )
    1 Product Owner

Repository3

  • Admin
    1 DevOps Engineer
    2 Product Owner
  • Write
    6 Software Developer ( 1 Contractor )
    1 Product Owner

Repository4

  • Admin
    1 DevOps Engineer
    2 Product Owner
  • Write
    6 Software Developer ( 1 Contractor )
    1 Product Owner

Repository5

  • Admin
    1 DevOps Engineer
    2 Product Owner
  • Write
    6 Software Developer ( 1 Contractor )
    1 Product Owner

Repository6

  • Admin
    1 DevOps Engineer
    2 Product Owner
  • Write
    1 DevOps Engineer
    6 Software Developer ( 1 Contractor )
    2 Test Engineer
    1 Product Owner
    1 Technical Account

Repository7

  • Admin
    1 DevOps Engineer
    2 Product Owner
  • Write
    1 DevOps Engineer
    6 Software Developer ( 1 Contractor )
    2 Test Engineer
    1 Product Owner

Repository8

  • Admin
    1 DevOps Engineer
    2 Product Owner
  • Write
    1 DevOps Engineer
    6 Software Developer ( 1 Contractor )
    2 Test Engineer
    1 Product Owner

Repository9

  • Admin
    1 DevOps Engineer
    2 Product Owner
  • Write
    1 DevOps Engineer
    6 Software Developer ( 1 Contractor )
    2 Test Engineer
    1 Product Owner

Artifact Management System

  • Login access is restricted only to authorized persons

  • Only minimal permissions are granted

  • No unauthorized access

Jfrog Artifactory

Artifact management system to store the build logs and artifacts of your application.

Permissions

  • Admin : Can create, delete repositories and modify repository settings.

  • Write : Can upload, delete, overwrite (in snapshot repositories) artifacts.

  • Read : Can list, download artifacts.

Repository1

  • Admin
    1 DevOps Engineer

  • Write
    1 Technical Account

  • Read
    2 DevOps Engineer
    6 Software Developer ( 1 Contractor )
    2 Test Engineer
    1 Product Owner

Repository2

  • Admin
    1 DevOps Engineer

  • Write
    1 Technical Account

  • Read
    2 DevOps Engineer
    6 Software Developer ( 1 Contractor )
    2 Test Engineer
    1 Product Owner
Staging Environment AWS Staging Environment

  • Cloud Console access is restricted only to authorized persons

  • SSH access is protected by keys and MFA

  • Database access is possible only from the internal network

  • Kubernetes access is possible only from the internal network

  • Only minimal permissions are granted

  • No unauthorized access

AWS Stage

Separated AWS Account for the Stage resources.

Permissions

  • Admin : Can list, create, delete, modify AWS resources.

  • Container Image Admin : Can list, create, delete, modify (in snapshot repositories) Docker images.

  • Container Image Read : Can list Docker images.

  • S3 Backup : Can list, create, delete, modify items in the Backup S3 Bucket.

  • Stage Deploy : Can list, create, delete, modify Kubernetes resources and list Docker images.

  • Admin
    1 DevOps Engineer
    3 Infrastructure Engineer ( 3 Contractor )
    1 Software Developer

  • Container Image Admin
    1 Technical Account

  • Container Image Read
    1 Technical Account

  • S3 Backup
    1 Technical Account

  • Stage Deploy
    2 Software Developer ( 1 Contractor )

AWS Stage Bastion

EC2 instance to access the Stage internal network and databases.

Permissions

  • Root : Can administer Linux OS.

  • User : Can log in and access the internal network of the Staging environment.

  • Root
    1 DevOps Engineer
    1 Infrastructure Engineer ( 1 Contractor )

  • User
    1 DevOps Engineer
    2 Infrastructure Engineer ( 2 Contractor )
    3 Software Developer ( 1 Contractor )
    1 Test Engineer
    1 Technical Account
Production Environment

AWS Production Environment

  • Cloud Console access is restricted only to authorized persons

  • SSH access is protected by keys and MFA

  • Database access is possible only from the internal network

  • Kubernetes access is possible only from the internal network

  • Only minimal permissions are granted

  • No unauthorized access

AWS Prod

Separated AWS Account for the Prod resources.

Permissions

  • Admin : Can list, create, delete, modify AWS resources.

  • Container Image Admin : Can list, create, delete, modify (in snapshot repositories) Docker images.

  • Prod Deploy : Can list, create, delete, modify Kubernetes resources and list Docker images.

  • Admin
    1 DevOps Engineer
    1 Infrastructure Engineer ( 1 Contractor )
    1 Software Developer

  • Container Image Admin
    1 Technical Account

  • Prod Deploy
    2 Software Developer ( 1 Contractor )

AWS Prod Bastion

EC2 instance to access the Prod internal network and databases.

Permissions

  • Root : Can administer Linux OS.

  • User : Can log in and access the internal network of the Production environment.

  • Root
    1 DevOps Engineer
    1 Infrastructure Engineer ( 1 Contractor )

  • User
    3 Software Developer ( 1 Contractor )
    1 Technical Account

Log Analysis and Monitoring

Datadog Loggin and Monitoring System

  • Login access is restricted only to authorized persons

  • Only minimal permissions are granted

  • No unauthorized access

Datadog

Log management and monitoring tool for our staging and production applications.

Permissions

  • Admin : Can administer all resources. Can not delete logs.

  • Write : Can read, create, delete, modify monitors, dashboards. Can read logs.

  • Read : Can read monitors, dashboards, logs.

  • Admin
    1 DevOps Engineer
    1 Software Developer
    1 Technical Account

  • Write
    1 DevOps Engineer
    1 Software Developer ( 1 Contractor )

  • Read
    1 Infrastructure Engineer ( 1 Contractor )
    4 Software Developer
    2 Test Engineer
    3 Support Agent
    3 Product Owner

Átfogó szakértelem, tudástranszfer és Atlassian alkalmazások a legmagasabb szintű Atlassian-partnertől.

Megoldások
Next-gen ITSM
Jira projekt audit
Atlassian migrálás a felhőbe
Vállalati szolgáltatásmenedzsment
Panaszkezelés
HR digitalizáció
Digitalizáció
Projektmenedzsment
Szolgáltatások
Atlassian Tanácsadás
Atlassian Licencek
Atlassian Képzés
Atlassian Support
Email This Issue for Jira szolgáltatások
Alkalmazások
Email This Issue for Jira
Glass Documentation for Jira
Content Exporter for Confluence
Advanced Content Navigator for Confluence
Rólunk
A csapat
Partnereink
Legyünk partnerek
Karrier
Kapcsolat
Tudástár
Sikertörténetek
Blog
Események
Letölthető anyagok
Dokumentáció
Demók
Jogi dokumentumok
Logo Kit

© 2007 - 2024 META-INF, Atlassian Platinum Solution Enterprise Partner & Platinum Marketplace Partner. Minden jog fenntartva.

Adatvédelmi tájékoztató

By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.
PreferencesAccept