With the proliferation of flexible remote work, mobile has become more critical than ever to the modern workforce. Enterprise administrators often have to manage thousands of mobile devices. They need efficient ways to enforce security controls across these devices to prevent data loss or unauthorized access. And, with the increasing adoption of cloud applications, securely delivering them over mobile is a key aspect of corporate compliance.
To address these needs, Atlassian continues to invest in its mobile capabilities for enterprises so they can securely scale usage of Atlassian products to their mobile workforce. In 2020, we shipped device visibility so organization admins can see the mobile devices used by employees to access Atlassian cloud products. We have now added MDM (Mobile Device Management) support to our Jira, Confluence, Trello, and Opsgenie mobile applications, so admins can enforce security settings such as restricting copy and paste, blocking screenshots, requiring users to authenticate with FaceID/TouchID, and more. These settings can be enforced across all mobile devices enrolled in the company’s MDM program.
How our MDM solution works
Our MDM solution was built with three fundamental principles in mind:
- Security: Meet our customers’ most stringent security requirements on mobile.
- Scale: Suit any customer size and deployment model.
- Ease of adoption: Make it easy to implement and follow industry standards.
Based on our approach, we implemented the AppConfig standard supported by most MDM solutions, including Microsoft Intune, VMware, MobileIron, and JAMF. We also leveraged out-of-the-box features available from the OS (Android and iOS) so we did not have to re-invent the wheel.
Customers can use any third-party MDM provider, including Microsoft Intune, VMWare’s Airwatch, and JAMF, to manage their organization’s mobile devices. The security settings can be configured in the MDM console and then pushed to an end user’s enrolled mobile device.
If the end user’s device is not already enrolled in the company’s MDM program, they’ll need to first set up the MDM profile on their device. Then, they can directly download the appropriate Atlassian product app from Google Play or the App Store, or from their organization’s list of supported apps. Here’s how an MDM-compliant app looks from an end user’s point of view:
Security controls available for iOS and Android devices
The tables below show the security controls available on each platform.
| Security controls for iOS devices |
| – Prevent users from cutting, copying, and pasting from Atlassian mobile apps to other apps – Restrict users from sharing data to other devices with the iOS share sheet – Force users to verify their identity before using Atlassian mobile apps – Restrict users from logging in with an account outside of your organization – Prevent users’ devices from backing up data to iTunes or iCloud – Prevent users from taking screenshots – Prevent a compromised (rooted) device from accessing Atlassian mobile apps – Set a minimum or maximum operating system – Require users to set a device passcode – Store account data in an encrypted form on the device – Store app data only in places on the device where backup and sharing is restricted |
| Security controls for Android devices |
| – Restrict users from logging in with an account outside of your organization – Prevent users from taking screenshots – Prevent users from cutting, copying, and pasting from Android Enterprise apps to other apps – Force users to verify their identity before using the app – Prevent a compromised (rooted) device from accessing Atlassian mobile apps – Set a minimum or maximum operating system – Require users to set a device passcode – Store app data only in places on the device where backup and sharing is restricted |
To configure and implement MDM for your organization, you can visit our public documentation.
For customers who need a more flexible solution and support both enrolled devices and bring-your-own devices, we plan to release MAM (Mobile Application Management) in our Cloud Enterprise offering later in the year. This will enable customers to configure security controls directly within the Atlassian admin console.
The early access program for MAM will be available in June 2021. If you’re interested, don’t hesitate to get in touch!