BDQ

Atlassian Cloud - Jira, Jira Service Desk and Confluence

The Atlassian products provide industry leading task tracking, project planning and collaboration tools. This service is hosted by Atlassian within their Cloud infrastructure with BDQ providing implementation consultancy as an Atlassian Solution Partner.

Features

  • Jira - Flexible planning and tracking capabilities
  • Jira Service Desk - Powerful service management solution
  • Confluence - Collaboration tool to organize and discuss work
  • Portfolio - Agile portfolio management tool, built for Jira

Benefits

  • Plan and manage tasks across your team
  • Track, prioritise and discuss your team's work with complete visibility
  • Easily customisable dashboards give complete visibility
  • An "anyone can use" service desk with knowledge base
  • Spend less time hunting down documents and emails
  • Centralise documentation in a single, searchable repository
  • Easy to use collaboration improves team efficiency
  • Easy to use security ensures content is kept safe
  • Easy to use and adopt

Pricing

£75 an instance

  • Education pricing available
  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at enquiries@bdq.cloud. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

1 4 1 6 0 1 3 1 6 6 6 2 8 7 1

Contact

BDQ Dominic Bush
Telephone: +44 (0)844 8265 236
Email: enquiries@bdq.cloud

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
The Atlassian Cloud product storage policy is here:
https://confluence.atlassian.com/cloud/atlassian-cloud-storage-policy-873871366.html

Atlassian Cloud maintenance windows aim to be less than 15 minutes per week and run between 1am and 3pm daily. These windows are only used in the event that there is a change to release.
System requirements
See support browsers in the "Using the Service" section.

User support

Email or online ticketing support
Email or online ticketing
Support response times
Monday - Friday 9am - 5pm.
Our response time is between 4 hours and 2 days depending on the severity of the issue.
Out of hours support is available at additional cost.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 AA or EN 301 549
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Standard support - Included.

Premium support
Includes critial SLA 30 minutes.
$35,000/year.

Technical Account Management (TAM)
Dedicated analyst 8 hours / week
Quarterly onsite visits.
$60,000/year
Support available to third parties
Yes

Onboarding and offboarding

Getting started
We can provide onsite or public training courses for the products and consultancy services to make sure that your projects get off to the best possible start and follow best practice guidance.

Full user documentation is available for all the products.
Service documentation
Yes
Documentation formats
HTML
End-of-contract data extraction
The Atlassian products provide tools which allow the contents of the products to be extracted to open formats.
End-of-contract process
At additional cost we can provide consultancy services to off-board the data. Please see our SFIA rate card for pricing.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
When you view the Atlassian products on a mobile device an optimised version of the page is displayed. It is possible to switch to a desktop view if required.
Service interface
No
API
Yes
What users can and can't do using the API
He Atlassian products have extensive REST-based APIs that allow configuration of the services and editing of the data within the product.

For example, here is the documentation for JIRA Cloud:
https://docs.atlassian.com/jira/REST/cloud/
API documentation
Yes
API documentation formats
HTML
API sandbox or test environment
No
Customisation available
Yes
Description of customisation
Customers can change the visual appearance of the applications to match their own branding. Themes can be applied to change the colour scheme and custom logos can be added.

Additionally, add-ons from the Atlassian Marketplace can be used to add to the functionality of the products. We can also provide bespoke add-on development services, should the customer require some functionality or custom integration that is not available in the Marketplace.

Issue types and workflows can also be customised to match the business or development processes that the customer follows.

Scaling

Independence of resources
Atlassian ensures this by provisioning instances based on usage. This ensures that one customer's usage does not impact other users of the system.

Analytics

Service usage metrics
No

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Atlassian

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations
No
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
Never
Protecting data at rest
Physical access control, complying with CSA CCM v3.0
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Authorised users can export data from within the application to a number of different formats.
Data export formats
  • CSV
  • Other
Other data export formats
  • PDF
  • Word
  • Excel
Data import formats
  • CSV
  • Other
Other data import formats
Word

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Varies on deployment type and customer requirements.
Approach to resilience
Available on request
Outage reporting
Atlassian publish a public dashboard showing current status of their cloud products using their StatusPage service.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels
Only those users assigned to the administrator groups have access to the management user interface. A buyer specified set of users are permitted to raise support requests.
Access restriction testing frequency
At least every 6 months
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
Between 1 month and 6 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
Yes
CSA STAR accreditation date
March 20, 2018
CSA STAR certification level
Level 1: CSA STAR Self-Assessment
What the CSA STAR doesn’t cover
Any third-party add-ons added by the Buyer.
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
No
Security governance approach
Available on request.
Information security policies and processes
We follow best practices as described in the government security essentials advice.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Atlassian rigorously tracks and monitors all software changes made to the products and run comprehensive automated testing to ensure that changes do not introduce defects into the software which may compromise security.

All software changes are code reviewed within Atlassian before being deployed to product instances.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Atlassian have an extensive security program that includes ongoing testing of their hosted systems and products. They also undertake third party independent assessments of our Cloud products.

Atlassian set out their security bugfix SLA in this document:
https://www.atlassian.com/trust/policies/security-bugfix-policy
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Atlassian has an ongoing system of monitoring access to check for unauthorised access. If a compromise is detected the account holder is notified and access is locked off until the problem is resolved.

Incidents are handled at the "Level-1 Critical" standard within the Atlassian support response SLA, i.e. 1 hour for the standard Cloud based instances.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Atlassian sets out it's incident management approach in this document:
https://www.atlassian.com/trust/security/security-incident-responsibilities

Users should report incidents via support. Incident reports will be provided to a user specified by the Buyer via email.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Pricing

Price
£75 an instance
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
30 day free trial period

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at enquiries@bdq.cloud. Tell them what format you need. It will help if you say what assistive technology you use.