Close
¿Quieres ver esta página en tu idioma?
Todos los idiomas
Elige tu idioma

Atlassian Access es ahora Atlassian Guard. Lee el blog. →

Índice
Getting started

Getting started with Guard

Introducción

En esta guía de configuración te explicaremos los pasos que debes seguir para configurar tu versión de prueba de Atlassian Guard. Se describen los pasos según nuestras prácticas recomendadas, pero puede que algunos controles no sean necesarios para los requisitos específicos de tu organización.

Inicio

Empieza a proteger tu empresa con estos tres pasos para ganar visibilidad de tu organización y gestionar de forma eficaz el acceso de tus usuarios.

Manage how users log in with authentication policies

A strong authentication policy can help prevent the risk of compromised accounts from accessing your data. Since teams and users can access a variety of tools and information, you have the control to make different requirements apply to different sets of users.

Authentication policy capabilities include:

  • Enforce two-step verification or single sign-on
  • Create different authentication policies for different cohorts of users
  • Create authentication policy for external users
  • Get alerts when authentication policies are changed (Premium only)
What are authentication policies?

Automatically provision users

Avoid manual, error-prone processes by connecting to your existing identity provider to automate user provisioning. By specifying a SCIM schema, you can automatically create accounts and update group memberships, providing your users with the right product access for their role or business unit. By automatically removing users when they leave your organization, you avoid paying for users who no longer need access.

User provisioning capabilities include:

  • Connect an identity provider and automatically provision users
  • Automatic sync new users, removes old users, and updates group memberships for existing users
What is user provisioning?

Control user API tokens

User API tokens are used to perform actions using the API. They are tied to individual users, and if compromised, they can present a huge risk to your organization. As an admin, you can gain control and visibility into the user API token lifecycle with Guard.

API token control capabilities include:

  • Revoke API tokens so they can no longer be used
  • Get alerts when tokens are created or revoked (Premium only)
What are API token controls?

Verificación de la organización y el dominio

¿Cómo funciona la verificación de dominios?

Imagina que tu empresa se llama Acme Inc. y es propietaria de los dominios «acme.com» y «acme.co.uk».

Una vez que hayas configurado tu organización, puedes verificar la propiedad de esos dominios desde la página Directorio > Dominios en la vista de la organización. Puedes subir un archivo HTML a la carpeta raíz del sitio web de tu dominio o copiar un registro TXT a tu sistema de nombres de dominio (DNS).

Después de realizar uno de estos pasos, puedes hacer clic en Verificar. Los usuarios de Atlassian Cloud que hayan configurado sus cuentas con el correo electrónico de esos dominios, como jack@acme.com y jill@acme.co.uk, se gestionarán a partir de ahora como parte de tu organización.

Cuando verificas tu dominio, puedes empezar a gestionar las cuentas de Atlassian de los sitios y productos que actualmente no gestionas. Por ejemplo, puede que haya otros equipos o empleados dentro de la empresa que se hayan registrado en productos de Atlassian Cloud y no estuvieran previamente dentro de tu competencia. Antes de que verifiques tu dominio, te recomendamos que informes a otros administradores de sitios o equipos de la empresa de que utilicen los productos de Atlassian Cloud para que estén al tanto de los próximos cambios.

Una vez que el administrador de una organización verifique su dominio, los usuarios de Atlassian con direcciones de correo electrónico pertenecientes a ese dominio verán un mensaje en la configuración de su perfil indicando que la organización es la que ahora gestiona su cuenta.

Puedes ir a la página de cuentas gestionadas de tu organización y editar los detalles del usuario de cuentas individuales. Si quieres aplicar políticas de seguridad y suscribirte a Atlassian Guard, tus usuarios con cuentas gestionadas estarán sujetos a cualquier política que establezcas.

Use security policies to reduce the risk of data loss

Loss of sensitive company data can be disastrous for an organization. Jira and Confluence capabilities designed to aid collaboration, such as export, public links, and public access, can become a risk when handling confidential, commercially sensitive, or otherwise mission-critical user-generated content.

Data security and mobile app management (MAM) policies help you govern how users, apps, and people outside of your organization interact with content, such as Confluence pages and Jira issues, and reduces the risk of data leaving the applications you control.

Data security and mobile policy capabilities include:

  • Create data security policies to restrict actions like export, public links, and anonymous access
  • Use a mobile app policy to block screenshots, screen recording, downloads, and more
  • Apply data security policies to classified data (Premium only)
What are data security policies?
What is mobile app management?

Classify your data based on sensitivity levels

Data classification is the process of labeling information. It serves as the foundation of a data governance strategy in many organizations, particularly those that need to comply with government or other regulatory requirements. By adding classification levels with Guard, your space and project admins can set a default level for their space or project, and users can classify individual pages and issues.

Data classification capabilities, exclusive to Guard Premium, include:

  • Manage organization-wide classification levels
  • Apply classification levels to Confluence and Jira content
  • Use data security policies to block actions like export, public links, and more for classified content
  • Get an alert when the classification level of content changes
What is data classification?

Inicio de sesión único SAML

¿Qué es el inicio de sesión único de SAML?

El inicio de sesión único de SAML (SSO) permite a los usuarios autenticarse en los productos de Atlassian Cloud a través del proveedor de identidades existente de la empresa. Esto implica que pueden acceder a diferentes herramientas con el mismo conjunto de credenciales, haciendo uso de un método de autenticación más seguro que solo un nombre de usuario y una contraseña.

Gain insights into product usage and security practices

As an admin, you may struggle with resource allocation or security risk management due to limited visibility into how your teams are using Atlassian cloud products. Guard gives you visibility into your organization’s product usage, shadow IT, and users’ security posture, so you can make informed, data-driven decisions.

Capabilities that enhance visibility include:

  • Get insights into active users and authentication methods
  • View products created by managed users, administered outside of your organization
What are organization insights?
What are discovered products?

Access organization-wide audit logs

When it comes to diagnosing issues or answering questions around user activity in detail, you need to be able to access and examine that data easily. With audit logs in Guard, you can track key activities that occur within your Atlassian organization. Use these activities to diagnose problems or questions related to user details, product access, managed accounts, and organization settings.

Audit log capabilities include:

  • View audit logs for administrator activity, such as changes to user access
  • View audit logs for user-created activity (Premium only)
  • Track user API token usage (Premium only)
  • Use webhooks to send audit log events to a third-party tool (Premium only)
What are organization audit logs?

Aprovisionamiento de usuarios automatizado (SCIM)

¿Qué son el aprovisionamiento y el desaprovisionamiento de usuarios?

Con el aprovisionamiento y desaprovisionamiento de usuarios, las reglas establecidas en el directorio externo definirán el acceso a los productos de Atlassian Cloud. La incorporación y gestión de salida de empleados tiene lugar de forma automática cuando estos se añaden al directorio externo o se eliminan de él. Este directorio de usuarios lo suele ofrecer como servicio un proveedor de software conocido como "proveedor de identidades". Atlassian Guard permite a los clientes integrar sus productos de Atlassian Cloud con un proveedor de identidades.

Detect suspicious user activity

Get alerts when certain types of user activity are detected, such as authorization and access events, data exfiltration events, product and integration configuration changes across Atlassian Administration, Jira, and Confluence.

With alerts, you have the information you and your security team need to thoroughly investigate the alert and remediate, if necessary.

Activity detection capabilities, exclusive to Guard Premium, include:

  • Get an alert when detection criteria is met
  • Send alerts to your existing SIEM or messaging tool
  • Exclude specific users to reduce the number of false positive alerts
What are user activity detections?

Detect sensitive data and data misuse

When work happens in Confluence and Jira, there’s always a chance someone includes data that shouldn’t be stored in your Atlassian cloud products, such as credit card numbers, API tokens, or AWS access keys.

Get alerts when certain types of sensitive data are added to a page or issue, allowing your security team to investigate and remove the data if appropriate.

Content scanning capabilities, exclusive to Guard Premium, include:

  • Get alerts when common types of sensitive data are added
  • Create custom detections for terms, phrases, and patterns
  • Exclude selected pages or issues to reduce the number of false positive alerts
  • Integrate with your existing SIEM or other tools
What is content scanning?

Investigation and remediation

Investigation and remediation are critical steps in cybersecurity incident response. It involves the process of identifying, analyzing, and understanding the nature and scope of a security incident, followed by taking any necessary actions to resolve the incident and mitigate its impact on the organization.

Respond to alerts

Security risks can go unnoticed and it can escalate and cause significant harm to your organization if it is not promptly identified and addressed. As an admin or security professional, you can quickly identify risks and take immediate action to prevent further damage. By regularly investigating alerts, you can fine-tune security measures and policies for your organization.

Investigation capabilities, exclusive to Guard Premium, include:

  • Use suggested investigation steps to better understand the alert
  • View information about the actor, to help determine whether the activity is suspicious
  • See contextual data on the alert and the actor, such as an activity timeline panel
What are alert investigations?

Remediation actions

When a security threat arises, a delayed response can increase the risk and impact of the threat. To help streamline your response, each alert has its own set of recommended remediation steps. These are provided to help your team act quickly to minimize the security impact of the potentially risky activity or data misuse.

Remediation capabilities, exclusive to Guard Premium, include:

  • Use suggested remediation steps to streamline your response
  • Take immediate steps to stop any further activity from happening, such as suspending the actor
  • Update policies and settings to strengthen enforcement
  • Automate common remediation actions, such as restricting the page or redacting data (coming soon)
What are remediation options?

¿Sigues necesitando ayuda?

Nuestro equipo puede responder a todas tus preguntas sobre la configuración de Atlassian Guard y demás

Start free trial