Can Revyz guarantee Data Sovereignty for regulated industries (GDPR, APP)?

Yes, Revyz supports strict Data Sovereignty by allowing enterprise customers to pin their backup data to specific AWS Regions, including Frankfurt (GDPR), Sydney (APP), N. Virginia (US Federal), Canada, and Singapore. Furthermore, Revyz offers a Bring Your Own Storage (BYOS) model, enabling organizations to store backups in their own AWS S3 buckets ro Azure blob storage. This ensures that data never leaves the legally required jurisdiction and that the customer retains absolute control over the data lifecycle.

Data Security Solutions | Atlassian Cloud Data Security

Q: How does Revyz encrypt backed-up data?

Revyz utilizes an Envelope Encryption strategy and AES-256 bit encryption for data at rest, leveraging the AWS Key Management Service (KMS) where unique Data Encryption Keys (DEK) are generated for specific objects and protected by a Customer Master Key (CMK). For data in transit between the Atlassian Cloud and Revyz, connections are secured via TLS 1.2+ (mTLS) on HTTPS port 443, ensuring end-to-end security.

Q: Is Revyz storage immutable and protected against ransomware?

Revyz employs WORM (Write-Once-Read-Many) technology to ensure that once a backup snapshot is written to the vault, it cannot be modified, overwritten, or deleted by anyone until the retention policy expires. This immutable storage acts as a defense against "Ransomcloud" attacks, ensuring that even if a malicious actor gains administrative control, they cannot destroy the backup.

Q: Does Revyz utilize an air-gapped architecture?

Yes, Revyz implements a "Virtual Air Gap" where backup storage exists in a separate security domain from the customer’s live Atlassian environment. This architectural separation ensures that there is no network path or credential access from the primary instance to the backup vault, guaranteeing a clean recovery point is always available even if the live environment is compromised.

Q: Does Revyz support a "Bring Your Own Storage" (BYOS) model?

Revyz supports a Bring Your Own Storage (BYOS) model, allowing enterprise customers to store backups in their own AWS S3 buckets or Azure blog storage rather than managed storage. This approach offers customers total control over their data retention policies and security configurations, aligning with strict enterprise security governance requirements.

You Own Your Data. We Help You Protect It.

Atlassian provides a secure platform, but you are ultimately responsible for the data you create and store. Revyz bridges the gap, ensuring your data is always safe, accessible, and recoverable.

TOUCH

Atlassian's Responsibility

Ensuring the security and availability of the cloud infrastructure and services.

Platform Security
Infrastructure Uptime
Service Availability

TOUCH

Your Responsibility (with Revyz)

Protecting your data from accidental deletion, malicious attacks, and human error.

Data Backup & Recovery
User Access Control
Compliance & Auditing

Identify

Understand and manage cybersecurity risks to systems, assets, data, and capabilities.

Comprehensive Data Discovery
Risk Assessment Reporting
Asset Inventory Management

Protect

Implement appropriate safeguards to ensure delivery of critical infrastructure services.

Immutable Backups (3-2-1 Policy)
End-to-End Encryption (In-transit & At-rest)
Role-Based Access Control (RBAC)

Detect

Implement the appropriate activities to identify the occurrence of a cybersecurity event.

Anomalous Deletion Alerts
Audit Logs & Reporting
Continuous Monitoring

Respond

Take appropriate action after learning of a security event.

One-Click Restore Process
Granular Item-Level Recovery
Cross-Project Restoration

Recover

Implement appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired.

Point-in-Time Recovery
Full Project & Site Recovery
Disaster Recovery Planning

Ransomware

Immutable, air-gapped backups ensure a clean recovery point.

Revyz stores backups in an isolated security domain, making them immune to encryption by ransomware. Our versioning system allows you to restore data to a precise point-in-time before the attack occurred, neutralizing the threat without paying a ransom.

Malicious Deletions

Granular restore allows you to recover specific items deleted intentionally.

Even if a disgruntled employee or a compromised account deletes critical data, Revyz retains it in immutable backups. You can easily search for and restore the exact information you need—from a single issue to an entire project—without lengthy downtime or a full site rollback.

Account Takeover

Independent authentication protects backups even if an admin account is compromised.

Access to Revyz is managed separately from your Atlassian instance. A compromised Atlassian admin account does not grant access to your backup data, preventing attackers from deleting your safety net and ensuring you can always restore a known-good state.

Human Error

Easily undo accidental deletions or incorrect modifications with a self-service restore.

Mistakes happen. Whether it's a misconfigured automation, a script gone wrong, or an accidental bulk delete, Revyz allows any authorized user to quickly find and restore the correct data version in minutes, maintaining productivity and data integrity.

3rd-Party App Corruption

Isolate and restore data to a state before a faulty app integration caused corruption.

Marketplace apps can sometimes cause unintended data issues. Revyz backups provide a clean snapshot of your data before an app was installed or made changes, ensuring you always have a safe, reliable rollback point for your core data.

A Security Architecture You Can Trust

Encryption Standards

All data is encrypted in-transit using TLS 1.2+ and at-rest using AES-256, the same standard trusted by banks and governments worldwide.

Storage & Infrastructure

Revyz utilizes a secure, global cloud infrastructure. Our 3-2-1 backup policy ensures three copies of your data on two different media types, with one copy offsite.

Compliance Certifications

Our platform is SOC 2 Type II compliant and helps you meet your data residency and GDPR requirements with confidence.

Forge

While Atlassian Forge provides a secure platform, the data generated by your custom apps is your responsibility. Revyz extends protection to this critical data, ensuring it's backed up and recoverable.

Your Complete Security Toolkit

A suite of powerful, purpose-built tools to protect against threats, ensure compliance, and guarantee recovery.

TOUCH

Immutable Backup & Restore

Protect all Jira data with air-gapped, immutable backups that are immune to ransomware encryption.

Learn More

TOUCH

Config Drift Analyzer

Detect unauthorized or accidental changes to your Jira configurations, preventing security vulnerabilities and compliance issues.

Learn More

TOUCH

Third-Party App Backup

Extend enterprise-grade protection to critical apps like Xray and ScriptRunner, eliminating ecosystem risks.

Learn More

TOUCH

USER LICENSE INSIGHTS

Gain complete visibility into user access rights and license utilization to enforce the principle of least privilege. Proactively identify and de-provision inactive or over-privileged accounts to minimize your attack surface and strengthen your data security posture.

Learn More

TOUCH

Immutable Audit Logs

Maintain a complete, tamper-proof record of all administrative actions for compliance and forensics.

Learn More

TOUCH

Data DELETION LOG

Fulfill data privacy requirements like the 'right to erasure' with a permanent, immutable log of all data deletions. This provides the verifiable proof needed for compliance audits and internal accountability.

Learn More

Frequently Asked Questions

Q: How does Revyz encrypt backed-up data?
A: Revyz utilizes an Envelope Encryption strategy and AES-256 bit encryption for data at rest, leveraging the AWS Key Management Service (KMS) where unique Data Encryption Keys (DEK) are generated for specific objects and protected by a Customer Master Key (CMK),. For data in transit between the Atlassian Cloud and Revyz, connections are secured via TLS 1.2+ (mTLS) on HTTPS port 443, ensuring end-to-end security.

Q: Is Revyz storage immutable and protected against ransomware?
A: Revyz employs WORM (Write-Once-Read-Many) technology to ensure that once a backup snapshot is written to the vault, it cannot be modified, overwritten, or deleted by anyone until the retention policy expires. This immutable storage acts as a defense against "Ransomcloud" attacks, ensuring that even if a malicious actor gains administrative control, they cannot destroy the backup.

Q: Does Revyz utilize an air-gapped architecture?
A: Yes, Revyz implements a "Virtual Air Gap" where backup storage exists in a separate security domain from the customer’s live Atlassian environment. This architectural separation ensures that there is no network path or credential access from the primary instance to the backup vault, guaranteeing a clean recovery point is always available even if the live environment is compromised.

Q: Does Revyz support a "Bring Your Own Storage" (BYOS) model?
A: Revyz supports a Bring Your Own Storage (BYOS) model, allowing enterprise customers to store backups in their own AWS S3 buckets or Azure blog storage rather than managed storage. This approach offers customers total control over their data retention policies and security configurations, aligning with strict enterprise security governance requirements.

Build Unshakeable Resilience for Your

You Own Your Data. We Help You Protect It.

A Security Framework You Can Trust

Identify

Protect

Detect

Respond

Recover

How Revyz Protects Against Common Threats

Ransomware

Malicious Deletions

Account Takeover

Human Error

3rd-Party App Corruption

Your Complete Security Toolkit

Ready to Secure Your Atlassian Cloud?