BigPicture is now on ! Enjoy enterprise-grade Program & Portfolio Management, now fully integrated with boards and workspaces.  Try it now
February 23, 2024

One process to rule them all: Data security and compliance for BigPicture

BigPicture Enterprise
Security & Compliance

Data security and compliance with digital tools are critical factors to any business handling organizational and customer data. Data-related matters become especially complex when organizations use multiple apps from different vendors. 

As a result, they must run compliance checks and security reviews individually for each app. When we couple this fact with the everchanging relevant data privacy and security regulations, remaining compliant becomes even more challenging.

But as a BigPicture user, your journey toward compliance is as hassle-free as possible. And here’s why.

One security compliance check – no matter the number of apps

BigPicture is part of Appfire – a trusted global software provider that empowers teams and entire organizations to work however they want. But with the great number of apps comes great responsibility.

The company adheres to the highest privacy and security standards to keep its customers confident about any app from Appfire’s portfolio. It manifests through clear access to all the information Appfire users may need, trustworthy operations, and regulatory compliance.

But there’s more: the most significant perk from the “familial connections” BigPicture and any other users get from choosing Appfire products is one compliance process.

– Once you run an Appfire app vendor through all the security and compliance checks, you don’t have to do it again to purchase another app from the company’s portfolio.

One Trust Center

Recognized by Atlassian for its ongoing commitment to enterprise trust, Appfire’s Trust Center provides current and prospective customers and partners comprehensive information on privacy and security compliance. The Trust Center was designed to give customers the peace of mind they need when purchasing Appfire’s products.

One Support Portal

Alongside the Trust Center, BigPicture customers can access the Appfire Atlassian Support portal. They can visit it to request assistance from dedicated security, privacy, and compliance teams.       


Your EULA (End User Agreement) with BigPicture covers all Appfire apps. It means you don’t have to worry about all the hassle around vetting multiple vendors or managing various agreements.

ISO/IEC and SOC certifications

Appfire was awarded three globally recognized cybersecurity certifications jointly issued by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). Namely, ISO/IEC 27001 and ISO/IEC 27017, as well as System and Organization Controls (SOC) SOC 2, Type I and II.

  • ISO 27017 proves that Appfire meets the highest standards in safeguarding your data’s safety and integrity in cloud environments. 
  • ISO 27001 ensures that the company follows the framework and guidelines for establishing, implementing, and managing an information security management system (ISMS).
  • SOC 2 confirms that Appfire has all the controls and processes in place to safeguard its customer data and ensure the security, availability, processing integrity, confidentiality, and privacy of that data.

BigPicture users can rest assured their data is protected from unauthorized access, security incidents, and vulnerabilities.

Data Privacy Framework –  secure transfer of data from the EU to the US

Data Privacy Framework (DPF) enables European entities (EU countries, United Kingdom, and Switzerland) to transfer personal data to participating companies in the United States without having to put in place additional data protection safeguards – DPF ensures that data protection is consistent with EU, UK, and Swiss law.

Appfire has committed to comply with a detailed set of privacy obligations and is officially on the list of participating US companies. For the European BigPicture customers and partners, it means their data is safely and lawfully transferred to the US participating organizations.

Verified by Atlassian – Cloud Fortified and Bug Bounty Program

Atlassian’s Cloud Fortified program aims to help customers quickly identify apps that follow advanced security practices. The vendor behind BigPicture participates in all six cloud app security programs under the Security, Reliability, and Support categories. 

The Cloud Fortified badge is the proof given only to those apps that are vetted to meet requirements in all those programs.

Atlassian’s Cloud Fortified badge awarded to BigPicture.


The Marketplace Security Bug Bounty Program is also worth mentioning from the Atlassian side. It provides an additional layer of cybersecurity to the marketplace partners who can have their apps tested by external security testers (bug hunters). After all, the more people check an app, the more chances they’ll find a vulnerability that the vendor can immediately fix. 

One Appfire: Setting security standards for the entire app ecosystem

Appfire sets the highest standards for trust, security, and compliance for BigPicture and all the apps in the company’s portfolio.

BigPicture users can rest assured that their app is safe and compliant. Should they choose to complement BigPicture with another Appfire product, they don’t need to worry about running another security and compliance audit or signing another license agreement – they already have them covered under the One Appfire policy.