As most of you know by now, Atlassian considers themselves a Cloud-first organization... and rightly so! In the last 365 days, Atlassian has made the following major changes to their Cloud platform:
- Different Cloud deployment tiers: Free, Standard, Premium, and Enterprise
- Atlassian Access: Security and SSO management in Atlassian Cloud
- Atlassian Cloud two-year price lock: You can now purchase 24 months of maintenance on Atlassian Cloud products
With all the buzz around Atlassian's Cloud options and enhanced capabilities, there has been a big push for organizations to move into Atlassian Cloud. However, there are multiple things to consider as you are putting together a plan of action. Is Atlassian Cloud right for you? I wrote a blog post about this last year, which you can find here.
However, for this blog, I wanted to highlight the differences between Cloud and Server/Data Center SSO options from Atlassian. These characteristics are important to understand as you evaluate whether or not Cloud is your new "home." Listed below are the breakdowns of each product.
Atlassian describes Atlassian Access as achieving the following: "Atlassian Access is your enterprise-wide subscription for enhanced security and centralized administration that works across every Atlassian Cloud product used at your organization, including Jira Software, Jira Service Desk, Confluence, Bitbucket, and Trello." They boast, "Gain peace of mind with enterprise-grade security controls." Atlassian Access offers:
- SAML single sign-on (SSO)
- Increase security and simplified login
- Organization audit log
- Gain visibility into important activities
- Enforced 2FA
- Require verification upon login
- Use provisioning
- Automate user lifecycle management
- Organization insight
- Understand product adoption
- Security integrations (CASB)
- Monitor for suspicious activities
- Active Directory sync
- With Okta, Azure, OnLogin, and more
- API token controls
- View and manage API access
- Atlassian Access Support
- Get enhanced support from Atlassian's global team
And here's a list of what Access doesn't provide:
- The cost of access to the Atlassian applications. If you purchase Atlassian Access, you STILL need to purchase all the Atlassian applications you wish to utilize.
- Atlassian Access is simply the Security and SSO authentication for the applications.
- AD Attributes
In order to enforce the AD attributes you are used to using as part of your AD authentication, you will need to purchase an app. You can find the app here.
Atlassian's Crowd product is described as "centralized identity management. Manage users from multiple directories--Active Directory, LDAP, OpenLDAP, or Microsoft Azure AD--and control application authentication permissions in one single location." Crowd offers:
- Single sign-on (SSO)
- Make life easy for your users by giving them one username and password to log in to all the applications they need access to. Seamlessly integrate all your Atlassian products--like Jira, Confluence, and Bitbucket--to give your users one simple single sign-on (SSO) experience
- Centralize multiple directories
- Map any combination of directories to a single application, perfect for managing users not in your main directory, and manage authentication permissions in the same place. Get started with connectors for AD, LDAP, Microsoft Azure AD, Novell eDirectory, and more. You can even create your own custom connector.
- Govern group permissions
- Can't make group changes in your directory? Keep your users in LDAP and define their authentication permissions in Crowd. Save time by setting up new users to be automatically added to specified groups.
- Integrate with your existing infrastructure
- Easily integrate with your current identity infrastructure using built-in integrations like Microsoft Azure AD support, Google Apps, and other third-party apps. Give developers one REST interface to build custom integrations...no need to learn LDAPv3. Change directories without impacting your applications.
- Meet compliance and security requirements
- Crowd's built-in audit log improves control over your setup by tracking configuration changes, providing an additional layer of security. Integrate with 3rd party tools to report audit entries into Crowd via REST API and get an overview of every change made across your entire ecosystem.
Updates on Crowd
Since September of 2019, Atlassian has had three major releases. The following are the major updates and corresponding release notes:
- 3 September 2019:
- Azure AD group filtering
- 3 October 2019:
- Universal Plugin Manager
- 25 February 2020:
- Improved authentication performance for multiple directories
- Support for JDK 11
- Improved performance of nested groups
Have more questions about Atlassian Access and/or Crowd? Contact us today! We'd be happy to schedule a demo for you or talk about your Atlassian initiatives.