User Accounts: Policy for Atlassian Cloud
To ensure secure and verifiable access management within Red Hat Jira To mitigate security risks associated with orphaned accounts and unauthorized access The scope of this policy includes all Red Hat and partner users of Red Hat Atlassian Cloud products. PME requires all Red Hat associates to use their SSO account provisioned and managed by Red Hat IT. PME requires all partner users to use their official, designated company email address (issued by their primary employer). Use of Red Hat-provided email addresses or personal email accounts by partners for Atlassian Cloud access is strictly prohibited. Access to Red Hat’s Jira instance is controlled via email identity. Utilizing a partner user’s own company email ensures that account lifecycle management—specifically the offboarding process—is handled by the partner user’s actual employer. If a partner user leaves their organization, their company email is deactivated by their employer, automatically preventing further access to Red Hat systems. Using non-company or Red Hat-issued emails creates a security "loophole" where Red Hat may not be notified of a partner's departure, leading to unauthorized persistent access. Compliance with this policy is mandatory for all Red Hat and partner users and will be enforced through regular audits to identify and remediate accounts using non-compliant email accounts. PME reserves the right to suspend or revoke Jira access for any Partner account found to be using a non-compliant email address. No exceptions will be granted to this policy once a user or group has been migrated to the designated email standard. This zero-exception stance is necessary to maintain the integrity of Red Hat’s security posture and ensure robust identity management.Purpose
Scope
Policy Statement
Email Requirements
Security Rationale
Policy Compliance
Compliance Measurement
Non-Compliance and Exceptions
Enforcement
Exceptions