The Power of GenAI: With Great Power Comes Great Responsibility

The froth surrounding Generative AI (GenAI) tools like ChatGPT, Gemini, and Copilot is undeniable. These powerful large language models (LLMs) can create realistic text, translate languages, and even write different kinds of creative content. But for highly regulated industries — think shipping, healthcare, or government — the excitement comes with a healthy dose of caution. 

California’s Executive Order N-12-23 provides a valuable framework for navigating this complex landscape. It acknowledges the immense potential of GenAI while emphasizing responsible use. The EO’s directives — procurement guidelines, high-risk use inventories, pilot project sandboxes, and government worker training — all point toward a measured approach. 

California’s Executive Order N-12-23: Breaking Down the Directives & Their Implications

Let’s dive deeper into how the directives in the EO can translate into concrete actions within high-compliance industries. 

Procurement Guidelines: These guidelines ensure responsible acquisition of GenAI tools. In healthcare, for instance, procurement guidelines could mandate that hospitals only acquire AI-powered medical diagnostics that are FDA-approved. This ensures adherence to patient safety regulations. Similarly, in the U.S. public sector, procurement guidelines could emphasize data security and privacy when acquiring AI for public service applications. 

High-Risk Use Inventories: These inventories help identify situations where GenAI use poses significant risks. For example, a high-risk use inventory in the shipping industry might highlight autonomous ship navigation as a high-risk area. Extensive testing in pilot project sandboxes would be mandatory before real-world implementation. Similarly, in healthcare, high-risk use inventories might highlight AI for personalized drug dosages. Careful evaluation and sandbox testing would be crucial to ensure patient safety and efficacy. 

Pilot Project Sandboxes: These sandboxes allow controlled experimentation with GenAI in low-risk environments. This allows regulated entities to test functionalities, identify potential issues, and refine their GenAI strategy. The U.S. public sector could use sandboxes to test AI-powered chatbots for citizen inquiries. This would allow for evaluation of effectiveness and identification of any potential biases before deploying the technology at scale. 

Government Worker Training: Training government workers on responsible GenAI use is critical. This training could cover topics like bias detection in AI outputs, understanding limitations of GenAI, and legal and ethical considerations. In healthcare, for instance, training would equip healthcare workers to identify patient bias in AI-driven decisions. This ensures that medical professionals maintain a human-centric approach while leveraging the power of AI. 

Challenges and Opportunities in a Regulated Landscape

Highly regulated industries share a common set of challenges when it comes to GenAI adoption. Let’s take a closer look: 

  • Safety and Security: From ensuring safe maritime routes to protecting patient health data, safety is paramount. GenAI outputs must be thoroughly vetted to mitigate bias and ensure accuracy in critical decision-making. 
  • Transparency and Explainability: Public trust is essential in government, healthcare, and other regulated sectors. GenAI models need to be transparent, allowing users to understand how they arrive at their outputs. 
  • Compliance and Governance: Existing regulations need to be considered when deploying GenAI. Frameworks like NIST’s AI RMF provide guidance, and robust governance processes ensure responsible use within legal boundaries. 

These challenges are outweighed by the immense opportunities GenAI offers: 

  • Enhanced Efficiency: GenAI can automate routine tasks, freeing up human expertise for higher-level analysis and decision-making. 
  • Improved Insights: GenAI can analyze vast amounts of data, uncovering hidden patterns and generating valuable insights across various sectors. 
  • Innovation and Personalization: GenAI unlocks new possibilities for innovation, from personalized healthcare to more efficient government services. 

By navigating the challenges and embracing the opportunities, highly regulated industries can leverage GenAI to achieve significant advancements. It’s here that leveraging a suite of solutions, like those built by Atlassian — a trusted company with guardrails in place — can help high-compliance industries adopt GenAI technology, use it to maximum advantage and, most importantly, use it responsibly and safely. 

Unlocking the Potential of Generative AI in Regulated Industries:
A Cautious and Collaborative Approach 

The opportunities presented by Generative AI (GenAI) are vast for highly regulated industries. From automating tasks to gleaning deeper insights from data, GenAI can revolutionize the way these sectors operate. However, responsible adoption is paramount; ensuring safety, transparency, and compliance requires a thoughtful and collaborative approach. 

This is where Atlassian shines. Its suite of tools fosters seamless collaboration across teams, empowering organizations to navigate the GenAI landscape effectively. Let’s delve into the ways Atlassian equips you to harness the power of GenAI while prioritizing responsible use. 

Keeping Teams Aligned: Collaboration is King

Atlassian products excel at fostering collaboration within and across teams of all sizes. This is crucial for managing GenAI effectively. Here’s how: 

  • Confluence: Your Policy and Playbook Hub 
    Create and maintain clear guidelines for GenAI use and deployment within Confluence. This central repository offers easy access to policies, procedures, and playbooks, with version control ensuring everyone stays on the same page, even as best practices evolve. 
  • Inventorying Use Cases with Jira Service Management 
    Leverage Jira Service Management’s asset management capabilities to track GenAI use cases. Score use cases based on pre-defined criteria using custom fields. Create tickets for follow-up and evaluation, ensuring each use case is thoroughly assessed. 
  • Learning from the Field 
    Atlassian understands the importance of capturing insights from all stakeholders. The Jira Service Management customer portal allows you to collect usage data and feedback directly from those interacting with GenAI tools. 

Pilot Projects & Sandboxes: Learning from Controlled Environments 

Effective pilot projects and sandboxes require enterprise-wide visibility. Atlassian provides the tools to achieve this: 

  • Atlas: Sharing Across Teams 
    Use Atlas for horizontal information sharing across departments. Disseminate pilot project goals, approaches, and outcomes, ensuring lessons learned translate into improved GenAI adoption. 
  • Connecting Strategy to Execution  
    Align individual project goals with top-level strategic objectives using Jira Align. This fosters a unified approach to GenAI implementation across the organization. 
  • Confluence: Capturing Knowledge, Sharing Success  
    Leverage Confluence to document pilot project learnings and disseminate final reports and outcomes. This centralized knowledge base helps future projects build upon past successes. 

The Power of Built-In AI

Atlassian products themselves leverage AI, offering a familiar and trusted environment for GenAI exploration. The benefit? Built-in guardrails ensure responsible use. 

From smart suggestions in Jira to AI-powered summaries in Confluence, Atlassian provides a range of AI features designed to augment human expertise. These tools operate within a framework of trust and safety, fostering responsible innovation. 

Effective GenAI implementation goes beyond tools. Consider these additional elements: 

  • Incident Management: Things will go wrong. Leverage Atlassian tools for incident management. JSM tickets, Confluence documentation, and Jira Align can be used to collaboratively develop incident response plans and track resolutions. 
  • Prompt Repositories: Prompt development is crucial for GenAI success. Capture and store prompts in Confluence or Bitbucket, ensuring consistency and knowledge sharing across teams. 
  • Governance & Risk Management: The California EO mandates leveraging frameworks like NIST’s AI RMF. JSM Assets helps manage risks, ensuring alignment with chosen frameworks and facilitating regular reviews with robust reporting. 

The Future of GenAI: Responsibility is Key 

GenAI presents a generational opportunity, but responsible adoption is key. Atlassian, alongside partners like Oxalis, can help you navigate this exciting landscape. Whether you require specific tools, a comprehensive governance framework, or assistance with change management, Oxalis can guide you from strategy to implementation. Following frameworks like California’s EO and leveraging solutions like Atlassian’s suite of products, as well as the experience and guidance of Oxalis, will enable responsible adoption, maximizing the potential of GenAI while safeguarding public trust. 

Remember, the “gates are open,” but let’s walk through them thoughtfully, together. 

The CISO’s Castle: Bolstering Security with Integrated Asset Management

In today’s ever-evolving threat landscape, CISOs face a constant siege — maintaining robust security postures while navigating a complex web of compliance requirements. A critical weapon in this ongoing battle is a unified system that seamlessly integrates asset management with IT service management (ITSM) practices. 

The Fragmented Fortress: A Common Challenge 

Many organizations find themselves struggling with a fragmented landscape of tools for asset management and ITSM. This often resembles a castle with separate towers, each manned by different teams with limited visibility into the bigger picture. This siloed approach leads to:

  • Incomplete asset inventory: A lack of a centralized view of all hardware, software, and cloud resources across the organization. 
  • Security blind spots: Difficulty in tracking the security posture of each asset, making it challenging to identify and address vulnerabilities promptly. 
  • Compliance headaches: Meeting regulations like GDPR, HIPAA, PCI DSS, and FISMA becomes an uphill battle due to the difficulty of generating comprehensive compliance reports. 

Compliance Tightrope: A Balancing Act for CISOs 

CISOs are constantly on a compliance tightrope, juggling a multitude of regulations that mandate strict data security controls and regular reporting on asset inventory and security posture. Failure to comply can result in hefty fines, reputational damage, and operational disruptions.  

Jira Service Management: Unifying Your ITSM Castle 

Jira Service Management (JSM) acts as the unifying bridge between your asset management and ITSM operations.  Imagine transforming your fragmented castle into a centralized command center with JSM at its core. Here’s how JSM empowers CISOs: 

  • Centralized Asset Data: Maintain a single source of truth for all asset information, providing complete visibility into your IT environment. 
  • Automated Asset Discovery: Leverage automated discovery tools to continuously identify and register new assets within the network, ensuring your inventory remains up to date. 
  • Enhanced Vulnerability Management: Integrate asset data with vulnerability scanning tools to prioritize and remediate security risks effectively. 
  • Streamlined Compliance Reporting: Generate compliance reports with ease, demonstrating ongoing adherence to regulatory requirements. 

Building Stronger Defenses with Oxalis

JSM’s capabilities are further amplified by partnering with Oxalis. Among the many things Oxalis offers is expertise in implementing and overlaying ITSM maturity models onto your JSM instance. This ensures your organization leverages JSM to its full potential, achieving enterprise-grade security and governance. 

By combining JSM’s asset management features with Oxalis’ implementation and maturity model expertise, CISOs can: 

  • Gain complete control over their IT environment. 
  • Proactively address security vulnerabilities before they can be exploited. 
  • Demonstrate continuous compliance with regulations. 
  • Achieve enterprise-grade security and governance, fortifying your organization’s digital castle. 

JSM and Oxalis, together, empower CISOs to move from reactive firefighting to proactive security leadership. With a unified system and a focus on continuous improvement, CISOs can ensure their organizations are well-equipped to face the ever-changing threat landscape and emerge victorious. 

Take control: learn how JSM & Oxalis can fortify your security

The complexities of modern IT infrastructure demand a unified approach to security and compliance. In this blog, we explored the challenges CISOs face in a fragmented landscape, and how a centralized system integrating asset management and ITSM offers a powerful solution. Jira Service Management empowers CISOs with a central hub for asset data, automated discovery, vulnerability management, and streamlined compliance reporting. 

However, maximizing JSM’s potential requires expert guidance. Partnering with Oxalis provides the expertise to implement and overlay ITSM maturity models on your JSM instance, ensuring you achieve enterprise-grade security and governance. 

Ready to learn more about how JSM and Oxalis can transform your organization’s security posture? Download our white paper, “How Jira Service Management and Asset Management Meet Security & Compliance Requirements: A Guide for CISOs.” This comprehensive resource dives deeper into how JSM’s functionalities, coupled with Oxalis’ expertise, empower CISOs to build a robust defense against evolving threats. 

How Jira Service Management Asset & Asset Management Meet Security & Compliance Requirements: A Guide for CISOs

In this white paper, you’ll discover: 

  • A detailed breakdown of JSM’s asset management capabilities. 
  • Strategies for integrating asset data with vulnerability scanning tools. 
  • Practical steps for generating comprehensive compliance reports. 
  • How Oxalis’ ITSM maturity model expertise optimizes JSM for maximum security benefit.

Take control of your IT environment and empower your security leadership. Download the white paper today! 

Charting Your Course: Expert Tips for Migrating from Cherwell to JSM

With Ivanti’s announcement in October 2023 that they would “End of Life” Cherwell Service Management in 2026, Cherwell users are asking themselves the question, “Now what?” There has been much uncertainty and concern about Cherwell’s future since it was acquired by Ivanti in 2021 and now, with those fears realized, these users must evaluate alternative solutions. Cherwell End of Life (EOL) won’t be reached for another two years, but large-scale ITSM migrations are complex and time-consuming; the time to move to a new solution is now.

Jira Service Management (JSM) — named a leader in the 2023 Forrester Wave™ for Enterprise Service Management and the Gartner Magic Quadrant™ for IT Service Management (ITSM) — is a flexible, powerful, cost-effective solution that is built for high-velocity teams. Unlike Ivanti’s Cherwell, which has an outdated user interface and a hard-to-navigate platform, Jira has a modern user interface, a built-in reporting engine, a large customer base and app ecosystem, end-to-end ITSM capabilities, and seamless, automatic upgrades. 

With the support of an industry-leading firm like Oxalis — an Atlassian Platinum Solutions Partner — Jira Service Management makes the transition from Cherwell seamless and simple and gives those cast adrift by Cherwell just what they need: a home.

What Cherwell’s End of Life (EOL) means for customers.

Cherwell was acquired by Ivanti in 2021, and since then, Ivanti has focused on integrating its capabilities into their broader portfolio, fueling speculation about Cherwell’s future. Now, they will sunset the platform, forcing their customers to make a choice: move to Ivanti’s proprietary solution or migrate to something new.

Though Ivanti will continue to offer support, licenses, and minor updates, it’s important for Cherwell users to recognize that the version of the product they have now is the version they will have until EOL — there will be no new features or upgrades. Other platforms, on the other hand, will keep evolving. They’ll deliver new features and capabilities to keep up with the expanding needs of their customers. To continue delivering the best IT service, support, and management, businesses need something better. Transitioning to new ITSM software is no easy task. It requires planning, careful execution, change management, training and transition management, ongoing review, and more. Organizations should bear several things in mind as they plan for Cherwell’s End of Life and consider alternative IT Service Management platforms. 

Transitioning from Cherwell: Best practices for migration.

When Oxalis helps clients migrate from another platform to Jira Service Management — our ITSM solution of choice — we advocate several best practices:

Assemble a transition team. 

A cross-functional team should include relevant decision makers, specialists, and business leadership. This team will plan, manage, and lead the transition, so it’s imperative that you have all the right roles and delegate responsibilities clearly. 

Consult with advisors. 

The right experts can help with planning, guidance, hands-on support, and migration. Migrations like these are not simple A-to-B transitions. They are not risk-free — and they can be complex and challenging — so it is best to choose a solution provider, like Oxalis, who has deep expertise in ITSM solution design, migrations, and transition, so making the switch is easy.

Evaluate and choose an ITSM platform. 

There are quite a few ITSM solutions available, each with their own pros and cons. Jira Service Management is Oxalis’ ITSM platform of choice. It is robust, it is flexible, and infinitely scalable. And it’s also — relative to other offerings — affordable. Put simply, we think it is the best Cherwell alternative and it provides the easiest transition for Cherwell users. 

Make a plan. 

Moving from one ITSM tool to another might seem like an apples-to-apples switch that should be an easy swap, but even the simplest transitions can take many months to be done right. Without the proper execution and guidance, they can be challenging and error prone. Starting early is critical to avoiding unforeseen obstacles and the occasional, inevitable speed bumps that will arise along the way. 

Involve ALL stakeholders.

Changing systems impacts almost everyone — not just the IT support team. Many categories of supported users, system owners, senior management, business intelligence groups, security, and more will be affected by the transition; representatives from each group should be involved in the planning and decision-making process.

Take advantage of the opportunity.

Don’t copy bad habits. Migrations such as these aren’t simply a matter of moving data and workflows from one platform to another — you also need to avoid replicating mistakes and bad habits in the new platform. Don’t simply make a 1:1 switch; look to improve your overall execution. Let’s say you weren’t using Asset Management. Use the change as an opportunity to improve your information technology infrastructure library (ITIL) maturity. Consultancies, such as Oxalis, can help evaluate and plan your roadmap and perform extensive analyses to ensure mistakes are not duplicated in the new implementation.

Test, test, test. 

Imagine flipping the switch on your entire IT service operation — exciting, right? But before the celebratory high fives, there’s a critical step: thorough testing and quality assurance (QA). Just like a test flight ensures a smooth landing, migrating to a new ITSM platform requires rigorous testing to iron out any wrinkles. This isn’t just about avoiding early hiccups — it’s about safeguarding the user experience, guaranteeing data integrity, and ensuring your team can seamlessly transition without disrupting critical workflows. By investing in robust testing and QA, you’ll land your migration smoothly and be ready to soar with your new platform’s full potential.

Why change management makes migration magic.

A successful ITSM migration isn’t just about flawless data transfer; it’s about winning over your team. Imagine a shiny new platform landing with a thud because your users feel lost in navigation or struggle to complete familiar tasks. Change management and comprehensive training bridge this gap. By actively communicating the “why” and “how” of the move, addressing concerns, and providing thorough training tailored to different user roles, you’ll empower your team to embrace the new platform. This not only fosters user adoption but also ensures a smooth transition, minimizing disruptions and maximizing the positive impact of your migration. A well-trained and engaged team is the secret weapon to unlocking the full potential of your new ITSM platform, leading to a more efficient and ultimately, a happier workforce.

The power of iteration.

Migrating to a new ITSM platform is a marathon, not a sprint. The finish line isn’t the cutover — it’s the ongoing optimization you achieve through continuous learning and iteration. Don’t get us wrong, a smooth transition is crucial, but the real magic happens afterward. By embracing an iterative approach, you can analyze user feedback, identify areas for improvement, and fine-tune your workflows to unlock the platform’s full potential. Think of it as building a muscle — the initial migration lays the foundation, but ongoing use and refinement make it truly powerful. This iterative mindset ensures your ITSM platform grows alongside your organization’s needs, keeping you ahead of the curve and delivering a consistently exceptional service experience.

Why Jira Service Management?

Jira Service Management Logo

The answer to “why Jira Service Management?” can be distilled down to three words: Modern. Complete. Flexible. JSM boasts a user-friendly interface, which means your development, IT, and business teams can finally collaborate seamlessly. Plus, JSM’s flexibility lets you customize workflows to fit your specific needs. The result? Smoother service delivery at high velocity — a win for both your teams and your customers.

Modern.

Jira Service Management (JSM) stands out as a modern platform designed for the evolving needs of today’s organizations. Leveraging the power of the cloud, JSM offers a reliable, all-in-one solution that scales seamlessly alongside your business. Gone are the days of cumbersome installations and outdated features; JSM boasts a user-friendly interface that fosters intuitive navigation, minimizing the learning curve for your team. Furthermore, automatic updates ensure you always have access to the latest features and AI-powered functionalities, keeping your service desk at the forefront of innovation. Atlassian’s commitment to continuous improvement empowers JSM to deliver an exceptional user experience while optimizing your service delivery processes.

Complete.

Jira Service Management (JSM) isn’t just a ticketing system — it’s a complete ITSM powerhouse. Need to track and manage your IT assets? JSM has you covered. Worried about knowledge silos? JSM’s built-in knowledge base empowers you to create a central hub for self-service solutions. And when incidents arise, JSM’s robust incident management features keep your team on top of things. But JSM doesn’t stop there. From the help desk technicians tackling everyday requests to C-Suite executives monitoring performance through data-rich dashboards, JSM caters to all stakeholders, ensuring everyone has the tools they need for success.

Flexible.

Effortlessly scalable, Jira Service Management empowers HR, finance, legal, marketing, facilities, and beyond with its flexible service management approach; its user-friendly interface makes it easy for any team to jump in. And it works for more than just ITSM. Jira Service Management is a powerful tool for managing plants, property, and equipment (PP&E) and Enterprise Service Management (ESM), too. Plus, with customizable templates and a massive marketplace — integrations include Atlassian products, such as Confluence, Bitbucket, and Trello, as well as third-party applications such as Slack, GitHub, and Zendesk — overflowing with add-ons, you can tailor JSM to your specific needs. Whether it’s building a custom service desk from scratch or integrating existing tools, JSM empowers every team to streamline their processes and deliver exceptional service.

Planning for a post-Cherwell era.

Oxalis is an experienced, expert provider of Jira migrations and implementations, as well as ITSM and ITIL service design, offering premium consulting and custom solutions for industries that address real-world challenges. We are an Atlassian Platinum Solutions Partner and have deep knowledge of their suite of products and solutions. We have a proven track record of successful, large-scale Jira migrations — always delivered on time and on budget.

Oxalis are not just your advisors; we are your partners, guides, and technical support staff. Our team of experts can help guide your migration and ensure a smooth transition to your new ITSM platform, so you can take full advantage of the benefits Jira Service Management has to offer. Don’t wait. Contact Oxalis today to start planning your transition from Cherwell. Oxalis will listen. We will take the time to learn about and understand your needs, and we will guide you every step of the way. Don’t get left behind by Cherwell; make a new home with Oxalis and Jira Service Management.

 

5 Recent Upgrades That Make Capacity Planning in Jira Align Better Than Ever

Jira Align, Atlassian’s enterprise-grade Agile solution, has offered a degree of capacity planning since its initial release. But a number of recent improvements have made this key feature much more user-friendly, powerful, and flexible. In this post, we’ll cover what five recent upgrades that make capacity planning in Jira Align better than ever.

Jira Align’s five fundamental work items, along with all the built-in laddered work management and reporting features, are central to providing flexibility in managing Agile work at different altitudes.

  • Theme
  • Epic
  • Capability
  • Feature
  • Story

For starters, the existing Forecast page now works for the Feature level, in addition to Epic and Capability. And capacity planning now has its own page—Capacity—that uses the data from the Forecast page, which, in turn, displays data from the Capacity page.

Forecast Page

Epic

Work forecasting has been available at the Epic and Capability level since the initial release, and now it’s also available for Feature work items. Here are the three key updates.

Capacity Remaining

If you’re using the Capacity page (see section below), your capacity data will appear on the Forecast page at the top of each program column, so you can easily avoid committing to more work than you can accomplish.

Capacity page: Jira Align

Automatic Math

Estimating for a given Epic/Capability/Feature now includes buttons that automatically add up the estimations for each program and team, as well as for the entire Program Increment.  You can still do it manually if you like, but now Align will do the math for you if you don’t.

Automatic Math: Jira Align
On left, manual total estimate; on right, auto-estimation

Forecasted Spend

The Forecasted Spend financial value has been added to Features—in the Spend tab inside the Details panel for the work item—just as it has been for Epics and Capabilities.

Forecasted Spend Financial value: Jira Align
Jira Align menu left sidebar

Capacity Page

The Capacity page is a new feature, located just below Forecast in the left sidebar.

It is available in Portfolio, Solution, or Program context.

Jira align menu bar

There are two sections on the page, Plan Summary and Plan Details.

Plan Summary

Just like with the Forecast page, you can choose the scope of planning. Choose a subset of the Solutions (if you chose the Solution context), a subset of the Programs, and/or set the work item level to Epic, Capacity, or Feature.

Capacity plan for Porfolio One: Jira Align

Once you’ve set the scope you want to plan for, the Forecast vs. Capacity bar shows you, at a glance, the plan’s total capacity, forecasted work, and current capacity remaining.

And the Forecast page is just a click away—just use the Source link to the right of the bar. This keeps the two halves of capacity planning in Jira Align conveniently connected.

The last part of the Plan Summary section contains six cards that each display an aggregated sum of all team-level data for the plan scope you’ve selected, showing you how the plan’s total capacity is calculated, along with the same calculations for the previous plan. The data calculated in the first four cards depends on whether you’re using points or member weeks. Here’s an example using points.

Plan Summary Section: Jira Align

These cards update in real time as you plan to help you understand how the changes you make to plan details are affecting your capacity.

Two of the columns need a bit of explanation. Buffer, whether you’re using points or weeks, provides a way to capture factors like planned PTO that reduce the amount of effort the team can put in for the plan’s duration. Capacity Percentage captures how much of the team’s work time will go toward this plan, which is vital because team members may have a certain amount of overhead in their days, or their time may be split between projects. The program’s Buffer value is subtracted before the Capacity Percentage is applied. For example:

20 points per sprint x 6 sprints = 120 points

120 points - 20 points of buffer = 100 points

Capacity % of 80 x 100 points = Available capacity of 80 points

Plan Details

This table breaks down the data in the cards, with the programs or teams as rows, and the same six factors as columns. Initially each program in the plan is a row, to provide an overview.

Plan details: Jira

If you want to apply values to all listed programs in the plan, use the three-dot pop-up menu in a column’s header to do so. See below for explanations of these editing options.

Bulk edit members

If you want to set different values for each program, or for each cell in a column, you do that at the team level; simply click on a program to pull up the team breakdown and directly edit the members, team capacity percentage, and so on. Changes are applied in real time, and are available in other places, like at the top of each program’s column in the Forecast page.

Forecast page

The Available Capacity column is calculated using the values in each row, and you can use the little down arrows in each cell to choose how you want to populate the value for that cell:

Available capacity column: Jira Align
  • Manual entry – just type in the value.
  • Default value – use the Solution or Portfolio’s default value, which can be set using the Defaults link above the Available Capacity column.
  • Previous value – use the corresponding value from the previous plan.

If you’re already using Jira Align, be sure to take advantage of the new capacity planning features we’ve covered here. If you’re considering Jira Align, Oxalis can help. We’ll assess the fit, design and prepare an implementation, then execute and support it. We’re an Atlassian Platinum Solutions Provider and offer premium consultation for Atlassian implementation services.

Contact Us

 

Atlassian Server End of Support is Here. Are You Ready?

On Thursday, February 15, 2024, Atlassian’s Server products will no longer be supported. This means Atlassian and Marketplace partners will no longer provide technical support for any issues, security updates, or bug fixes for Server.

If you are still on Atlassian Server licensing and have not yet developed a plan to move away from it, Oxalis can help guide your decision. At Oxalis, we see this as a great opportunity for our customers to make a calculated transition to dynamic solutions that work for their data management and collaboration strategy. Whether it’s moving to Atlassian Cloud or Data Center, there are numerous options for addressing compliance needs or regulations.

What End of Support Means

After 12:00 a.m. PST on February 15, 2024, Atlassian and Marketplace Partners will no longer provide technical support for any issues, security updates, or bug fixes for critical vulnerabilities. Regular security updates help protect your business from threats and vulnerabilities, so we recommend moving to Atlassian’s Cloud or Data Center products to ensure you continue to receive the critical support and services you need.

This transition applies to the following Atlassian Server products:

  • Jira Software Server
  • Jira Core Server
  • Jira Service Management Server
  • Confluence Server
  • Bitbucket Server
  • Crowd Server
  • Bamboo Server
  • Atlassian-built Server applications

Risks of Remaining on Server Products

Remaining on Server products after February 15, 2024 poses several risks, and you should act now to mitigate them.

  1. Increased vulnerability to security threats: Organizations that choose to remain on Server products will be at a higher risk of security threats, such as data breaches and cyberattacks. This is because security patches and updates will no longer be provided, leaving servers exposed to vulnerabilities.
  2. Lack of compliance with industry standards: Organizations that continue to run unsupported software may fall out of compliance with industry standards and regulations, such as PCI DSS and HIPAA. This can result in legal penalties, fines, and reputational damage.
  3. Limited scalability and flexibility: Server products have limited scalability and flexibility, making it difficult for businesses to adapt to changing business needs and growth. This can result in reduced productivity and competitiveness.
  4. Reduced reliability and performance: Server products will no longer receive updates and patches, and server performance and reliability may decline over time. This could lead to downtime and business disruption, detrimentally affecting productivity and revenue.
  5. Limited support and services: Organizations that remain on Server products after the end of support period will have support limited to Cloud migrations or DC upgrades, making it difficult to resolve server issues and get help when needed. This can result in longer downtime and increased business disruption.

How Did Atlassian Get Here?

Atlassian has been preparing for this major transition since 2020. Oxalis has been helping organizations define and execute their migration strategies in preparation for this milestone. 

Atlassian Server EOL
  1. October 16, 2020: Atlassian announces Server-licensed products to be phased out
  2. February 2, 2021: Atlassian stops the sale of new Server licenses
  3. February 15, 2022: Atlassian stops tier upgrades and downgrades for Server licenses
  4. February 15, 2023: Atlassian stops the sale of new Server apps
  5. February 15, 2024: Support for Server ends

The Methodology

As Atlassian cloud migration advisors, Oxalis’s unique expertise ensures Atlassian Cloud Migration success.

The Atlassian Cloud Migration Playbook, written for any company that needs to migrate from Atlassian Server or Data Center to the Cloud.

 

It covers the entire migration process from pre-planning to testing to executing the migration.

What Should you Do?

Organizations still using Server licenses have two options to continue using the Atlassian products in a supported manner:

  1. Migrate to Cloud: Operate more efficiently and focus on innovation with seamless collaboration, better integrations, and native automation.
  2. Upgrade to Data Center: Maintain self-managed environments with security controls, performance at scale, and flexible infrastructure choices.

This decision has several organization-specific deciding factors. Contact us to talk to an expert who can help you make the decision that’s best for you.

TALK TO AN EXPERT

Benefits of Moving to Atlassian Cloud

Atlassian has invested heavily in their Cloud products, resulting in a best-in-class product offering that enables businesses to work faster, smarter, and stronger.

Atlassian Cloud products bring:

  1. Enhanced security and compliance: By migrating to Atlassian Cloud, organizations can benefit from enhanced security features such as encryption at rest and in transit, automatic updates and patches, and compliance with industry standards like SOC 2 and ISO 27001. This ensures that organizations’ data is always secure, reducing the risk of cyberthreats and data breaches.
  2. Increased scalability and flexibility: Atlassian Cloud offers unlimited scalability, allowing organizations to easily add or remove users, storage, and functionality as needed. With cloud-based solutions, customers can access their data from anywhere, anytime, and on any device, making it easier to collaborate and work remotely.
  3. Continuous innovation and feature updates: No more upgrades! By migrating to Atlassian cloud, organizations can take advantage of new features and updates, released on a regular basis, without having to worry about managing upgrades or downtime. This ensures that they always have access to the latest and greatest features, improving their overall experience and productivity.
  4. Improved reliability and performance: Atlassian Cloud is built on a robust and scalable infrastructure, ensuring high availability and reliability. This means organizations can count on their systems to be up and running when they need them, without worrying about hardware failures or maintenance issues.
  5. Fast and Reliable Support: With Atlassian Cloud, organizations have access to a wide range of support and services, including 24/7 technical support, online help center, and community forums. This ensures that organizations get the help they need, when they need it, reducing the risk of downtime and other issues that can affect their business.

Benefits of Moving to Atlassian Data Center

For many organizations, moving to Atlassian Cloud isn’t feasible due to their compliance or other business requirements. Oxalis has helped many organizations design a cost-optimized Data Center hosting architecture that meets their compliance and performance requirements.

Migrating to Data Center licensing allows for:

  1. Easy Transition: Atlassian has committed to making the transition from Server to Data Center licensing seamless.
  2. Higher Security: Organizations can deploy Data Center products in the hosting solution they prefer. This can include a cloud provider, such as AWS or Azure, as well as on-prem hosting solutions.
  3. Performance and High Availability: Data Center ships with the ability to be used in clustered environments for High Availability, but also in a simple (not clustered) configuration if you do not have this requirement.

Moving to Data Center can also serve as a temporary solution for organizations to ensure they continue to operate on a supported platform as they plan their Cloud migration journey.

Oxalis is Here to Help

As an Atlassian Platinum Solution Partner, Oxalis is here to help organizations plan and execute their migration strategy. We are a Cloud Specialized Partner with proven expertise and experience to lead and execute successful Server-to-Cloud migrations. We also specialize in high-compliance businesses, focusing on deploying compliant Data Center solutions, that meet your compliance, performance, and cost requirements.

We’re the ones you call to get it done the right way, the first time.

The Value of Post-Migration Services to IT and Business Teams

Atlassian’s cloud products are renowned for boosting teamwork, streamlining software development, and enhancing organizational agility. As your trusted Atlassian Platinum Solution Partner, Oxalis is here to guide you through the entire process — from selecting the right tools to ensuring a seamless transition to Atlassian Cloud with post-migration services.

But our partnership doesn’t end with migration. We understand that the true value of your cloud investment lies in ongoing support and optimization. That’s why Oxalis offers comprehensive post-migration services designed to help you unlock the full potential of your Atlassian suite.

Elevate Your Teams with Continuous Training

Migration often involves initial training, but mastering Atlassian tools is an ongoing journey. To truly optimize your suite, your teams need to stay updated on the latest features, integrations, and best practices.

Oxalis’s offers a range of post-migration services, including customized training programs are designed to align your IT and business teams with your evolving goals. Our experts can help you:

  • Adopt best practices: Discover new features and learn how to use them effectively.
  • Optimize your product suite: Leverage powerful tools to automate processes, streamline workflows, and improve efficiency.
  • Manage change effectively: Develop tailored onboarding materials for new employees, ensuring seamless knowledge transfer and minimizing disruption.

By partnering with Oxalis, you gain access to a wealth of knowledge and expertise that empowers your teams to get the most out of their Atlassian tools.

Streamline Your Workflows for Maximum Impact

As your organization grows, your needs evolve. Whether you’re integrating new tools like Jira Work Management or adopting ITSM and ITIL practices, Oxalis can help you adapt your workflows to match your changing environment.

We have deep expertise in both the Atlassian product suite and the unique capabilities of the Atlassian Cloud. Our team can guide you in optimizing your workflows, leveraging cloud-specific features, and integrating new tools seamlessly into your existing infrastructure.

Uncover Hidden Opportunities through Optimization

Even without significant changes to your workflows, there’s always room for improvement. Oxalis can help you identify untapped opportunities to streamline processes, automate manual tasks, and leverage new features for better performance.

Our thorough analysis of your Atlassian Cloud usage will reveal insights that can help you:

  • Boost productivity: Eliminate bottlenecks and reduce manual work.
  • Increase efficiency: Automate repetitive tasks and remove redundant steps.
  • Gain valuable data: Track your progress and identify areas for further improvement.

Experience Peace of Mind with Ongoing Support

Maintaining your Atlassian Cloud environment requires ongoing attention to security, compliance, and data management.With Oxalis as your partner, you can offload these critical tasks to our team of experts, freeing up your internal resources to focus on your core business objectives.

Our comprehensive support services include:

  • Security and compliance audits: Ensure your environment meets industry standards and best practices.
  • Incident response: Quickly resolve complex issues and minimize downtime.
  • Change management: Plan and execute changes with minimal disruption to your business.

By partnering with Oxalis, you gain a dedicated team committed to keeping your Atlassian Cloud environment running smoothly, securely, and efficiently.

Unlock the True Value of Your Atlassian Investment with Oxalis

Don’t let your Atlassian Cloud migration be the end of your journey. Partner with Oxalis for post-migration services that go beyond the basics, delivering ongoing value, expertise, and support.

Let us help you transform your Atlassian Cloud into a powerful engine for collaboration, efficiency, and innovation. Contact us today to explore how we can empower your business to thrive in the cloud.

Compass Points to Productivity: Atlassian’s New Tool Empowers Developers

Atlassian, the powerhouse behind Jira and Confluence, has just unveiled its latest innovation to the world: Atlassian Compass. Originally previewed at Team ’22, Compass has emerged from its early access phase and is now ready to revolutionize how development teams navigate the intricate landscape of modern software architecture. If you’re managing complex, distributed systems and already rely on Jira Software, Compass could be the missing piece you’ve been searching for.

Why Compass? The Developer Experience Dilemma

Software developers are the lifeblood of tech companies. Their primary mission? Write brilliant code and ship it seamlessly. But the reality is often far less streamlined. Developers find themselves bogged down by tasks that, while important, distract from their core purpose. Security vulnerabilities, cloud configurations, automated testing — it all adds up, chipping away at precious coding time.

And there’s more. Understanding the intricate web of dependencies, figuring out who owns which component, and even just finding the right documentation can turn into a time-consuming treasure hunt. This isn’t just frustrating; it’s a drag on productivity and innovation.

Atlassian compass

From its initial early-access launch, Compass has become the world’s most extensive developer portal.

Atlassian Compass: The All-Seeing Eye for Your Software Universe

Compass steps in as your developer experience platform, a centralized hub that brings clarity to the chaos. It consolidates a real-time view of your entire engineering landscape, offering a unified understanding of your software’s inner workings.

Compass’s Key Features at a Glance

Catalog

A detailed dashboard for each component, showcasing its purpose, repository, documentation, and more.

Health

Team-specific dashboards with customizable health scorecards help identify and address potential issues proactively.

Extensibility

A growing marketplace of apps and an open API allow you to tailor Compass to your unique needs.

Compass in Action: Real-World Use Cases

  • Governance: Track reliability, security, and team performance across your entire service landscape.
  • Team Health Operations: Empower teams to maintain healthy, secure, and compliant components with ease.
  • Incident Management: Speed up triage and resolution by providing context about affected components and recent activities.
  • Software Templates: Streamline the creation of new services with pre-configured templates.
  • API & Dev Docs: Centralize repositories, documentation, and contact information for effortless collaboration.
  • Developer Onboarding: Get new developers up to speed quickly with a comprehensive overview of your software ecosystem.
Example health scorecard in Compass
Example health scorecard in Compass

Ready to Set Sail with Atlassian Compass?

Compass is more than just a tool; it’s a philosophy. It’s about empowering developers, fostering collaboration, and maximizing the value your engineering teams bring to the table. If you’re already leveraging Jira Software Cloud, the benefits of Compass are even more pronounced. And with Atlassian’s commitment to continuous improvement, the Compass journey is just beginning.

Ready to chart a new course for your software development? Contact our team of experts today! As Cloud-specialized, Atlassian Platinum Solution Partners, Oxalis is perfectly positioned to guarantee that clients receive the highest level of service and expertise. Software development is in our DNA, and we know from experience what successful distributed architecture needs.

Contact Oxalis today to embark on your Atlassian Compass journey.

 

 

Tired of Teamwork Friction? JSM’s Got Your Back (Webinar On-Demand)

Ready to break down silos, supercharge collaboration, and revolutionize how your teams work together? Don’t miss our exclusive on-demand webinar, “Unlock the Power of Jira Service Management.”

In this information-packed session, we reveal how a leading tax software provider used JSM to unite their IT teams, foster seamless collaboration between support and development, and achieve remarkable results.

Discover How JSM Can:

  • Boost Productivity: Streamline workflows and automate repetitive tasks, freeing your team to focus on high-value work.
  • Enhance Collaboration: Create a single source of truth for requests, issues, and knowledge, enabling teams to work together seamlessly.
  • Unify Reporting: Gain valuable insights into your team’s performance and identify areas for improvement.

Webinar Highlights:

  • JSM Overview: Get a comprehensive look at JSM’s core features and how they integrate with Jira.
  • Team Optimization Strategies: Learn how to leverage JSM to empower your support and operations teams.
  • Automation Deep Dive: Discover how to automate tasks within JSM to increase efficiency and focus.
  • Live Q&A: Get your questions answered by our JSM experts.

Your Transformation Starts Now

Don’t miss this opportunity to learn how Jira Service Management can elevate your organization.

Watch the webinar on-demand today and start your journey toward a more collaborative and productive future.

Watch now

RCE Vulnerabilities Identified in Multiple Atlassian Products

Summary of this issue

Atlassian has recently identified four critical vulnerabilities affecting users of the products listed below. Each of these vulnerabilities has been assigned a critical CVSS score of 9.0 or higher, indicating their severity. It is of utmost importance that customers promptly take action to secure their instances against potential threats.

We recommend you thoroughly examine all Critical Security Advisories relevant to your Atlassian product(s). This review will help verify affected versions and provide essential instructions for safeguarding your systems. Your immediate attention to this matter is highly appreciated to ensure the security of your environment.

These vulnerabilities were discovered via an internal security review at Atlassian as part of ongoing continuous security assessments.

Products Impacted

Bitbucket Data Center and Server

  • CVE-2022-1471 – SnakeYAML library remote code execution (RCE) vulnerability impacts multiple products
Impacted VersionsRecommended Action
7.17.x, 7.18.x, 7.19.x, 7.20.x, 7.21.0, 7.21.1, 7.21.2, 7.21.3, 7.21.4, 7.21.5, 7.21.6, 7.21.7, 7.21.8, 7.21.9, 7.21.10, 7.21.11, 7.21.12, 7.21.13, 7.21.14, 7.21.15, 8.0.x, 8.1.x, 8.2.x, 8.3.x, 8.4.x, 8.5.x, 8.6.x, 8.7.x, 8.8.0, 8.8.1, 8.8.2, 8.8.3, 8.8.4, 8.8.5, 8.8.6, 8.9.0, 8.9.1, 8.9.2, 8.9.3, 8.10.0, 8.10.1, 8.10.2, 8.10.3, 8.11.0, 8.11.1, 8.11.2, 8.12.0Patch to the following fixed versions or later
7.21.16 (LTS), 8.10.4, 8.11.3, 8.12.1, 8.13.0, 8.8.7, 8.9.4 (LTS)

There are no mitigations available for this vulnerability. Upgrading immediately is highly recommended.

Confluence Data Center and Server

  • CVE-2023-22522 – RCE vulnerability in Confluence Data Center and Server
  • CVE-2022-1471 – SnakeYAML library RCE vulnerability impacts multiple products
  • CVE-2023-22524 – RCE vulnerability in Atlassian Companion App for MacOS (including former customers)
Impacted VersionsRecommended Action
6.13.x, 6.14.x, 6.15.x, 7.0.x, 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.x, 7.6.x, 7.7.x, 7.8.x, 7.9.x, 7.10.x, 7.11.x, 7.12.x, 7.13.0, 7.13.1, 7.13.2, 7.13.3, 7.13.4, 7.13.5, 7.13.6, 7.13.7, 7.13.8, 7.13.9, 7.13.10, 7.13.11, 7.13.12, 7.13.13, 7.13.14, 7.13.15, 7.13.16, 7.13.17, 7.14.x, 7.15.x, 7.16.x, 7.17.x, 7.18.x, 7.19.0, 7.19.1, 7.19.2, 7.19.3, 7.19.4, 7.19.5, 7.19.6, 7.19.7, 7.19.8, 7.19.9, 7.20.x, 8.0.x, 8.1.x, 8.2.x, 8.3.0Patch to the following fixed versions or later
7.19.17 (LTS), 8.4.5, 8.5.4 (LTS), 8.6.2, 8.7.0

There are no mitigations available for this vulnerability. Upgrading immediately is highly recommended.

Atlassian Companion App for MacOS

  • CVE-2023-22524 – RCE vulnerability in Atlassian Companion App for MacOS (including former customers)
Impacted VersionsRecommended Action
All versions (MacOS) up to but not including 2.0.0 are affected by the vulnerability.Patch to the following fixed version or later
2.0.0

If you are not a current Confluence Data Center and Server customer please take action to uninstall the Atlassian Companion App.

Jira Service Management, Jira Software, Jira Core Data Center and Server

  • CVE-2022-1471 – SnakeYAML library remote code execution (RCE) vulnerability impacts multiple products
ProductImpacted VersionsRecommended Action
Jira Service Management5.4.0, 5.4.1, 5.4.2, 5.4.3, 5.4.4, 5.4.5, 5.4.6, 5.4.7, 5.4.8, 5.4.9, 5.4.10, 5.4.11, 5.4.12, 5.5.x, 5.6.x, 5.7.x, 5.8.x, 5.9.x, 5.10.x, 5.11.0, 5.11.1Patch to the following fixed versions or later
5.11.2, 5.12.0 (LTS), 5.4.13 (LTS)
Jira Software and Jira Core9.4.0, 9.4.1, 9.4.2, 9.4.3, 9.4.4, 9.4.5, 9.4.6, 9.4.7, 9.4.8, 9.4.9, 9.4.10, 9.4.11, 9.4.12, 9.5.x, 9.6.x, 9.7.x, 9.8.x, 9.9.x, 9.10.x, 9.11.0, 9.11.1 Patch to the following fixed versions or later
9.11.2, 9.12.0 (LTS), 9.4.13 (LTS)

If you are unable to upgrade your product instance to a fixed version, you can completely mitigate this vulnerability by upgrading your Automation for Jira (A4J) app to a fixed version via the Universal Plugin Manager (UPM).

Jira Service Management Assets Discovery

ProductImpacted VersionsRecommended Action
Jira Service Management Cloud Assets DiscoveryInsight Discovery 1.0 – 3.1.3
Assets Discovery 3.1.4 – 3.1.7
Assets Discovery 3.1.8-cloud – 3.1.11-cloud		Patch to the following fixed versions or later
Assets Discovery 3.2.0-cloud
Jira Service Management DC/Server Assets Discovery Insight Discovery 1.0 – 3.1.7
Assets Discovery 3.1.9 – 3.1.11
Assets Discovery 6.0.0 – 6.1.14, 6.1.14-jira-dc-8		Patch to the following fixed versions or later
Assets Discovery 6.2.9

Automation for Jira (A4J)

  • CVE-2022-1471 – SnakeYAML library remote code execution (RCE) vulnerability impacts multiple products
Impacted VersionsRecommended Action
9.0.1, 9.0.0, <=8.2.2Patch to the following fixed version or later
9.0.2, 8.2.4

Upgrade via the Universal Plugin Manager (UPM).

How to avoid future risks?

1. Migrate to Atlassian Cloud

At the beginning of 2021, Atlassian announced their journey to cloud, showing their dedication to the Cloud products and services. Even though they will be decommissioning their Server offering, their Data Center platform will continue to be supported. There are many considerations to take into account before deciding to migrate to Atlassian Cloud, but it is certainly worth considering, as it is clear that Atlassian is focusing their efforts towards the Cloud.

2. Stay Up To Date

Staying on the most recent version continues to be the best strategy. With stability, it can be easy to end up just staying with what works and getting out of date. For Oxalis customers on the Data Center versions of Atlassian products, we perform regular updates including emergency patching to address vulnerabilities.

3. Build Security At Depth

While implementing zero trust architectures can be challenging, choosing architectural patterns that allows for isolation and segmentation of infrastructure components provides both reduced blast radius and limits exploitation.

We’re Here To Help

If you require assistance in determining your vulnerability status related to these vulnerabilities, our award winning team is available to provide support. Oxalis, comprising technology consultants and product leaders operating in highly compliant sectors, prioritizes security as a fundamental aspect of our operations. Our commitment to security goes beyond just reacting to vulnerabilities; it’s an integral part of our firm’s ethos.