Atlassian Access는 이제 Atlassian Guard로 변경되었습니다. 블로그 읽기 →
Getting started with Guard
소개
이 설정 가이드에서는 Atlassian Guard 평가판을 설정하는 단계를 설명합니다. 이 가이드에는 모범 사례 권장 사항을 따르는 단계가 포함되어 있지만, 조직의 고유한 요구 사항에 따라 일부 컨트롤은 필요하지 않을 수도 있습니다.
시작하기
조직에 대한 가시성을 높이고 사용자에 대한 액세스 권한을 효과적으로 관리하기 위한 다음 3단계로 비즈니스를 보호하세요.
Manage how users log in with authentication policies
A strong authentication policy can help prevent the risk of compromised accounts from accessing your data. Since teams and users can access a variety of tools and information, you have the control to make different requirements apply to different sets of users.
Authentication policy capabilities include:
- Enforce two-step verification or single sign-on
- Create different authentication policies for different cohorts of users
- Create authentication policy for external users
- Get alerts when authentication policies are changed (Premium only)
Automatically provision users
Avoid manual, error-prone processes by connecting to your existing identity provider to automate user provisioning. By specifying a SCIM schema, you can automatically create accounts and update group memberships, providing your users with the right product access for their role or business unit. By automatically removing users when they leave your organization, you avoid paying for users who no longer need access.
User provisioning capabilities include:
- Connect an identity provider and automatically provision users
- Automatic sync new users, removes old users, and updates group memberships for existing users
Control user API tokens
User API tokens are used to perform actions using the API. They are tied to individual users, and if compromised, they can present a huge risk to your organization. As an admin, you can gain control and visibility into the user API token lifecycle with Guard.
API token control capabilities include:
- Revoke API tokens so they can no longer be used
- Get alerts when tokens are created or revoked (Premium only)
조직 및 도메인 확인
도메인 확인은 어떻게 사용하나요?
회사의 이름이 Acme Inc.이며 “acme.com” 도메인 및 “acme.co.uk” 도메인을 소유한다고 가정해 보겠습니다.
조직을 설정하면 조직 보기의 디렉터리 > 도메인 페이지에서 이러한 도메인의 소유권을 확인할 수 있습니다. 도메인의 웹사이트의 루트 폴더에 HTML 파일을 업로드하거나 DNS(Domain Name System)에 TXT 레코드를 복사할 수 있습니다.
이러한 단계 중 하나를 거치면 확인을 클릭할 수 있습니다. “jack@acme.com” 및 “jill@acme.co.uk”와 같은 도메인의 이메일로 계정을 설정한 Atlassian Cloud 사용자는 이제 조직의 일부로 관리됩니다.
도메인을 확인하면 현재 관리하지 않는 사이트 및 제품에 대한 Atlassian 계정을 관리할 수 있게 됩니다. 예를 들어, 회사 내에 Atlassian Cloud 제품에 등록했으나 범위에 속하지 않던 다른 팀 또는 직원이 있을 수 있습니다. 도메인을 확인하기 전에 Atlassian Cloud 제품을 사용하는 회사 내 다른 사이트 관리자 또는 팀에 곧 변경되는 사항을 알려 주는 것이 좋습니다.
조직의 관리자가 도메인을 확인하면, 도메인에 속한 이메일 주소를 가진 Atlassian 사용자는 프로필 설정에서 이제 조직에서 계정을 관리한다는 메시지를 받게 됩니다.
조직의 관리되는 계정 페이지로 이동하여 개별 계정에 대한 사용자 세부 사항을 편집할 수 있습니다. 보안 정책을 적용하고 Atlassian Guard를 구독하고자 하는 경우, 관리되는 계정이 있는 사용자는 설정한 모든 정책의 적용을 받게 됩니다.
Use security policies to reduce the risk of data loss
Loss of sensitive company data can be disastrous for an organization. Jira and Confluence capabilities designed to aid collaboration, such as export, public links, and public access, can become a risk when handling confidential, commercially sensitive, or otherwise mission-critical user-generated content.
Data security and mobile app management (MAM) policies help you govern how users, apps, and people outside of your organization interact with content, such as Confluence pages and Jira issues, and reduces the risk of data leaving the applications you control.
Data security and mobile policy capabilities include:
- Create data security policies to restrict actions like export, public links, and anonymous access
- Use a mobile app policy to block screenshots, screen recording, downloads, and more
- Apply data security policies to classified data (Premium only)
Classify your data based on sensitivity levels
Data classification is the process of labeling information. It serves as the foundation of a data governance strategy in many organizations, particularly those that need to comply with government or other regulatory requirements. By adding classification levels with Guard, your space and project admins can set a default level for their space or project, and users can classify individual pages and issues.
Data classification capabilities, exclusive to Guard Premium, include:
- Manage organization-wide classification levels
- Apply classification levels to Confluence and Jira content
- Use data security policies to block actions like export, public links, and more for classified content
- Get an alert when the classification level of content changes
SAML SSO(Single Sign-On)
SAML SSO란 무엇인가요?
SAML SSO(single sign-on)를 사용하면 사용자들은 회사의 기존 ID 공급자를 통해 Atlassian Cloud 제품에 인증할 수 있습니다. 이는 사용자가 단순히 사용자 이름 및 비밀번호가 아닌 더 안전한 인증 방법을 통해 동일한 자격 증명으로 여러 도구에 액세스할 수 있는 것입니다.
Gain insights into product usage and security practices
As an admin, you may struggle with resource allocation or security risk management due to limited visibility into how your teams are using Atlassian cloud products. Guard gives you visibility into your organization’s product usage, shadow IT, and users’ security posture, so you can make informed, data-driven decisions.
Capabilities that enhance visibility include:
- Get insights into active users and authentication methods
- View products created by managed users, administered outside of your organization
Access organization-wide audit logs
When it comes to diagnosing issues or answering questions around user activity in detail, you need to be able to access and examine that data easily. With audit logs in Guard, you can track key activities that occur within your Atlassian organization. Use these activities to diagnose problems or questions related to user details, product access, managed accounts, and organization settings.
Audit log capabilities include:
- View audit logs for administrator activity, such as changes to user access
- View audit logs for user-created activity (Premium only)
- Track user API token usage (Premium only)
- Use webhooks to send audit log events to a third-party tool (Premium only)
SCIM 자동화된 사용자 프로비저닝
사용자 프로비전 및 프로비전 해제란 무엇입니까?
사용자 프로비전 및 프로비전 해제를 통해 Atlassian Cloud 제품에 대한 액세스 권한이 외부 디렉터리에 설정된 규칙에 따라 정의됩니다. 외부 디렉터리에서 사용자를 추가 또는 제거할 때 사용자 온보딩 및 오프보딩이 자동으로 실행됩니다. 이 사용자 디렉터리는 일반적으로 ID 공급자라고 하는 소프트웨어 벤더의 서비스로 제공됩니다. Atlassian Guard를 사용하면 고객이 Atlassian Cloud 제품과 ID 공급자를 통합할 수 있습니다.
Detect suspicious user activity
Get alerts when certain types of user activity are detected, such as authorization and access events, data exfiltration events, product and integration configuration changes across Atlassian Administration, Jira, and Confluence.
With alerts, you have the information you and your security team need to thoroughly investigate the alert and remediate, if necessary.
Activity detection capabilities, exclusive to Guard Premium, include:
- Get an alert when detection criteria is met
- Send alerts to your existing SIEM or messaging tool
- Exclude specific users to reduce the number of false positive alerts
Detect sensitive data and data misuse
When work happens in Confluence and Jira, there’s always a chance someone includes data that shouldn’t be stored in your Atlassian cloud products, such as credit card numbers, API tokens, or AWS access keys.
Get alerts when certain types of sensitive data are added to a page or issue, allowing your security team to investigate and remove the data if appropriate.
Content scanning capabilities, exclusive to Guard Premium, include:
- Get alerts when common types of sensitive data are added
- Create custom detections for terms, phrases, and patterns
- Exclude selected pages or issues to reduce the number of false positive alerts
- Integrate with your existing SIEM or other tools
Investigation and remediation
Investigation and remediation are critical steps in cybersecurity incident response. It involves the process of identifying, analyzing, and understanding the nature and scope of a security incident, followed by taking any necessary actions to resolve the incident and mitigate its impact on the organization.
Respond to alerts
Security risks can go unnoticed and it can escalate and cause significant harm to your organization if it is not promptly identified and addressed. As an admin or security professional, you can quickly identify risks and take immediate action to prevent further damage. By regularly investigating alerts, you can fine-tune security measures and policies for your organization.
Investigation capabilities, exclusive to Guard Premium, include:
- Use suggested investigation steps to better understand the alert
- View information about the actor, to help determine whether the activity is suspicious
- See contextual data on the alert and the actor, such as an activity timeline panel
Remediation actions
When a security threat arises, a delayed response can increase the risk and impact of the threat. To help streamline your response, each alert has its own set of recommended remediation steps. These are provided to help your team act quickly to minimize the security impact of the potentially risky activity or data misuse.
Remediation capabilities, exclusive to Guard Premium, include:
- Use suggested remediation steps to streamline your response
- Take immediate steps to stop any further activity from happening, such as suspending the actor
- Update policies and settings to strengthen enforcement
- Automate common remediation actions, such as restricting the page or redacting data (coming soon)
아직 도움이 필요하십니까?
Atlassian Guard 설정 등에 관한 모든 질문에 답변해 드리겠습니다