How to secure Atlassian using CASB Solution

Secure your Atlassian with the miniOrange CASB solution to protect sensitive business information against unauthorized user access by enabling dynamic security restrictions, deep visibility, active threat detection, and granular access controls. In this guide, we will see how you can configure Atlassian with CASB for your organization.

Step 1: Sign up with miniOrange CASB

Click here to log into your miniOrange account.

(Don’t have an account? No worries, click here to create a new account)

Login into miniOrange Atlassian apps CASB

Step 2: Choose Atlassian for Configuration

After signing in, you should be taken to the miniOrange dashboard page. Locate the "Atlassian" tab and click on the Add App button.

Atlassian CASB Access Restriction authentication method dashboard

Select the Add Authentication Source option from the drop-down menu.

Atlassian CASB Access Restriction Add authentication

Mention an Authentication name for the authentication source, and click on Generate Metadata.

Atlassian CASB Authentication Generate Metadata

After clicking on Generate Metadata, you will get the metadata details, as shown in the image below. Use this data to configure the SAML application in your Identity Provider (IDP).

Atlassian CASB Access Restriction Generate Metadata SAML Flow

If you would like to view the metadata details again, then you can click on the View Metadata button.
Now, Enter the remaining details like the IDP Entity ID, SAML Login URL, SAML Logout URL, and X509 Certificate which you will find in your Identity Provider metadata. Once done, Choose the Binding Type for SSO Request as required. You will find this information in the IDP metadata. However, if you are not sure, please select the HTTP-Redirect Binding as the default configuration.

Atlassian CASB Access Restriction SP metadata IDP Details

Click the Save & Next button once you have filled out all the details.
You have now successfully configured SAML Authentication with miniOrange CASB.

Step 3: Configuring Atlassian Application

Now, You are redirected to Basic Settings section.
Fill in the following details to configure the Atlassian Application:

Application Name:	Enter the name of your application
Organization Domain:	Enter the domain of your organization on Shopify. (Ex: example.com)
Attribute Key:	Enter the Group Attribute Key for the SSO app, which you have configured in the IDP under the SAML attributes section.
Name Attribute Key:	Enter the attribute name like fname,Lname etc.
Enter ACS URL:	You can get the Atlassian ACS URL from the Atlassian Admin dashboard.
Enter Entity URL:	You can get the Atlassian Entity URL from the Atlassian Admin dashboard.
CASB Type	Select CASB type as Inline or Offline
Enable MDM	If you want to configure MDM on your device, enable it

Click on Save & Next to save your changes.

Step 4: Configuring Policies

Let’s see how to configure policies for Atlassian CASB.

You should be taken to the Manage Policy screen. Enter your policy details, like Policy Name and Policy Description and Select Policies as per your Requirement.

Atlassian CASB policies enable IP Restriction

Follow the below steps to configure restrictions according to your need:

Network Based Restriction
Time Based Restriction
Restrict Import/Export of Files

1. IP Configuration

Click on Checkbox for “Enable IP Restriction” as shown in the image below.
By enabling this IP Restriction feature, you are restricting access to users based on their IP addresses:

1) Select the Allow or Deny option to either permit or restrict certain IP addresses.

2) Click on the Add IP Address icon to create a new field where you can add the IP addresses you want to regulate.

2. Location Configuration

Click on Checkbox for “Enable Location Restriction” as shown in the image below.
By enabling this feature, you are restricting access to users based on their Location:

1) Select the Allow or Deny option to either permit or restrict certain locations.

2) Select Locations from dropdown.

1. Time of Access Configuration

Click on Checkbox for “Enable Time of Access Configuration” as shown in the image below.
By enabling this feature, you will apply time restrictions to users based on the configured settings and specified timings.

1) Select Allow or Deny to permit or restrict user access during the selected time slot.

2) Select the user's timezone.

3) Select the start and end times for the time-based restriction.

setup atlassian CASB - add whitelisted paths

2. Session Based Restriction

Click on Checkbox for “Enable Session Based Restriction” as shown in the image below.
By enabling this feature, you are restrict user sessions based on configured duration:

1)The session management should be based on days or hours.

2)Enter the duration for restrict user sessions.

setup atlassian CASB - Session Based Restriction

1. Prevent Download

Click on Checkbox for “Enable Prevent Download” as shown in the image below.
By enabling this feature, you are restricting access to download. Currently this feature is only applicable for Google Docs and Google Drive. Downloading and sharing will be restricted from the apps or groups on which you apply this policy.

setup atlassian CASB- click on Prevent Download

2. File Based Restriction

Click on Checkbox for “Enable File Based Restriction” as shown in the image below.
Enable this feature to control file uploads based on the allowed extension list.

1)Select the Allow or Deny option to either permit or restrict certain files. e.g. PDF, Doc, ZIP and etc.

setup atlassian CASB- click on File Based Restriction

3. Enable Disable Copy

Click on the "Enable Disable copy" checkbox.
By enabling this feature, you are restricting users from copying the contents of the page.

setup atlassian CASB- click on Enable Disable cop

Once, done with all the configurations click on Save and Next button.

Step 5: Configuring Groups

Let’s see how to configure Groups for AtlassianPlus CASB.

Now, You are redirected to Manage Group screen. Enter the Group Name and Group Description. Select the Atlassian Policy from the drop-down menu.
Now, we'll proceed to assign permissions for applications to the group.

a) App Restriction: In this, the restrictions will be applied over the application based on the policy that you have configured for the group.

b) No App Restriction: In this, there will be no restrictions on the application for the group.

c) Disable App: By choosing this option, the application becomes inaccessible from anywhere for the entire group.

d) Custom App Restriction: By using this, you can apply an application-specific custom application restriction policy to an application that overpowers the group's restriction policy.

Atlassian CASB Groups submit app restriction group

Now, Click on Save & Next once done.

After successfully configuring all screens, you will be redirected to the edit screen.

Step 6: Edit Screen

Basic Settings section You can change any configurations if required in the Authentication.
Suppose you want to configure different authentication sources. In that case, you can simply click on the Authentication Source in the Navigation Bar, where you will be able to add, view & edit authentication sources.

Atlassian CASB Basic Settings change any configuration

In Groups Settings section You can add and configure groups on this screen and view all configured groups.
Now, Click on Add New Group and you will get a pop-up for adding a new group and you can configure it using the above mentioned steps.

Atlassian CASB Group Settings all configured groups

In the 'Session Management' section, you can see the details of logged-in users' sessions.

microsoft office365 CASB session management

Not able to configure or test Atlassian CASB?
No worry, you need to Contact us or email us at proxysupport@xecurify.com and we'll help you setting it up in no time.

External References

miniOrange CASB offers a wide variety of security features with flexible scalability, all available at the most affordable price to all types of businesses. Start by signing up now!

Contents