As part of Atlassian’s ongoing drive to bring customers to the Cloud, they’ve released new features and initiated new programs to make the cloud appealing to all businesses of all sizes. Special attention is being focused on large customers (organizations with 100 or more users), where leadership and technical officers may be more accustomed to on-prem instances.
Premium and Enterprise Cloud customers can enjoy perks like a sandbox for testing and experimenting without worrying that you’ll accidentally impact your production environment; and bundled releases so you can always be on the latest and greatest if you want to, but also opt to know what’s coming and prepare your users. And in the Marketplace, they can easily find Cloud Fortified apps.
What is Cloud Fortified?
So what does it mean to be fortified? Extra vitamin A added to your cereal? Meter thick rock walls with slots for shooting arrows and pouring boiling oil?
Cloud Fortified apps have completed a program (that they must renew annually) to demonstrate that they are enterprise-ready. Not only do these apps meet or exceed Atlassian’s cloud security standards, they also meet Atlassian-aligned performance and reliability requirements and offer strict support SLAs.
Here’s how it works:
Security
Since security is always top priority, Atlassian’s baseline Cloud security program includes:
- Ecoscanning – Continuous monitoring for common security vulnerabilities.
- Vulnerability Disclosure Program – Customers and security researchers report cloud app vulnerabilities to Atlassian and Marketplace Partners.
- Cloud App Security Requirements: Atlassian’s minimum set of mandatory requirements that all Marketplace cloud apps must meet.
- Security Bug Fix Policy: All Marketplace Partners are expected to meet Security Bug Fix SLAs to ensure cloud app vulnerabilities are addressed promptly.
To earn the Fortified badge, apps have to be part of two additional security programs:
- Marketplace Bug Bounty Program – To proactively combat security risks before they arise by incentivizing security researchers to find vulnerabilities.
- Security Self-Assessment Program –An annual security assessment reviewed and approved by Atlassian.
Reliability
The second part of the Cloud Fortified program focuses on reliability – avoiding down time and ensuring performance at scale. The app vendor must:
- Set Service Level Objectives (for example, 99.95% uptime).
- Engage in proactive testing to prevent outages, coordinated with Atlassian updates to ensure compatibility with host product changes.
- Maintain incident management, service restoration and incident review processes that are integrated with Atlassian’s for faster recovery and continuous improvement.
Support
Finally, Atlassian recognizes that even with all of the security and reliability methods in place, there will still be times when customers need assistance from app providers. Therefore, Cloud Fortified apps must offer a 24 hour response time, 5 days a week SLA for all T1 tickets.
Clockwork Automated Timesheets Pro
We are pleased to announce that Clockwork Pro has made the cut and is now Cloud Fortified. This is the first of our apps to earn the Fortified badge, but we’ll be bringing our other apps within the castle walls soon. We need to do the paperwork for Atlassian, but rest assured that all of our apps our backed by the same security policy, the same team of dedicated engineers and the SLA.
Start your free trial of Clockwork Pro now!