This site is moving soon to become part of an integrated Appfire documentation and information site for our apps. This site will remain available during the transition to our new and improved site. Once this site is moved over, this banner will be updated with the new site link for easy access.

Take a look here! If you have any questions please email support@appfire.com

Security and compliance

 

Where is your data?

Panorama data is stored in AWS data centres in United States. Data is protected with the following controls: 

  • Encryption of data-at-rest using symmetric key. The key is rotated every 90 days.

  • Encryption of token used for Jira data access using symmetric key, rotated every 90 days.

  • Database access credentials are encrypted and rotated.

  • Data of customers who stopped using the service is deleted within a month after service usage termination.

  • Data-in-transit sent only through secure protocol.

  • Customer data is not logged.

Access control

  • Access to environment hosting Panorama data is strictly restricted to Digital Toucan staff.

  • Access credentials for the staff are rotated quarterly and protected with two-factor-authentication.

  • Single system for revoking control to production environment.

  • Digital Toucan won't grant access to customer data to any 3rd party company.

Disaster recovery

  • Infrastructure runs with one data-centre redundancy. This follows AWS public guideline to distribute traffic across two different availability zones, in order to handle the case in which one of them is unavailable.

  • In case of major outage, the service has capability to run in other AWS region or on infrastructure of different Cloud provider.

  • Daily backups are stored on S3 and distributed to two AWS regions (us-east-1 and us-west-2) to handle scenario in which the primary region fails.

Data recovery

Maximum data loss is 24 hours, backups are done daily.

 


What data is stored?

Panorama does not extract or store any data that comes from your Jira instance.

It stores:

  • information about the host that is required for authentication

  • data created within the add-on, such as structure of your work

For instance, the service keeps information about panorama's name, identifiers of the issues added to the panorama and identifiers of the users who performed actions in the panorama. The service doesn't store information about issues, users or projects. 

Below you can see an example on how the data is stored in the database. 

{ "_id" : "jira:f6f1d26e-78aa-4d26-9e36-20ee3a47b6ac", "publicKey" : "***", "sharedSecret" : "***", "baseUrl" : "https://jqlsearchextensions.atlassian.net", "productType" : "jira", "description" : "Atlassian JIRA at https://jqlsearchextensions.atlassian.net", "addonInstalled" : true}{ "_id" : ObjectId("5b582ca5835e13000443333c"), "panoramaId" : "5b582c98835e130004433339", "parentId" : "5b582c99835e13000443333a", "created" : ISODate("2018-07-25T07:54:13.338Z"), "updated" : ISODate("2018-07-25T07:54:13.338Z"), "type" : "ISSUE", "issueId" : NumberLong(12731), "tenantId" : "jira:f6f1d26e-78aa-4d26-9e36-20ee3a47b6ac", "state" : "ACTIVE", "childrenOrder" : [ "5b582cb0835e13000443333e" ], "creator" : { "$ref" : "jiraUser", "$id" : ObjectId("5b3640f8f4a17f0004143c40") }}


 

 


Haven’t found what you’re looking for? Contact our support - we’ll be happy to help you.