In our latest video, we break down Atlassian Guard, the organization-level security and identity management layer that determines how safe and manageable your entire Atlassian Cloud environment really is. You’ll learn what Guard Standard and Premium each offer, where to find Guard settings, and the exact next steps to start securing your Jira, Confluence, Bitbucket, and Trello instances from one central place.
This is the first episode in a mini series designed to make Atlassian Guard feel simple, walking you through everything from the basics to advanced setup without drowning in menus.
Watch our full walkthrough video below for a visual tour of the Atlassian Admin Hub and Guard configuration screens:
The Problem Atlassian Guard Solves
One of the most common issues we see is admins trying to secure Jira separately, then Confluence separately, then someone adds Trello or Bitbucket, and suddenly identity rules, login policies, and audit visibility are inconsistent everywhere. It’s like running four different lock systems on one building while everyone shares the same front door. And it fails exactly when you need it most, during onboarding, offboarding, or security incidents.
If you want consistent access control, a clean user lifecycle, and centralized management, you need one place to handle it all. That’s precisely what Atlassian Guard is designed for. Instead of configuring security product by product, Guard lets you define policies once at the organization level and apply them across every Atlassian Cloud product your team uses.
What Is Atlassian Guard?
Atlassian Guard is a security and identity management layer for your Atlassian Cloud instance. It applies across Jira, Confluence, Bitbucket, Trello – essentially the entire Atlassian Cloud ecosystem. The most important thing to understand is this: Guard is an organization-level subscription, not a per-product add-on.
This means you manage Guard in your Atlassian Admin Hub at admin.atlassian.com under your organization, not inside a single Jira project, not inside a Confluence space. When you turn on single sign-on policies or provisioning rules, you do it once centrally and it affects managed accounts across your entire organization.
If you’ve ever wondered why you can’t find a particular security setting inside Jira, it’s probably because that setting lives at the organization level in the Admin Hub. In our video, we open the Admin Hub and walk through the dashboard where you can discover your current Atlassian Guard settings, see whether you already have a Guard Standard subscription, and explore the option to start a Guard Premium trial.
Atlassian Access vs. Atlassian Guard: Quick Clarity
Atlassian Guard didn’t appear out of nowhere. It’s mostly a rebrand and expansion of capabilities you may already know. Here’s the timeline:
- Atlassian Access became Atlassian Guard Standard around June 2024.
- Atlassian Beacon became Atlassian Guard Premium in October 2024.
So if you’ve been searching for Atlassian Access, you’re not lost, you’re just looking at the old name for the same core identity foundation, now with additional security capabilities layered on top.
Why the Rename?
Atlassian expanded beyond just access control, meaning not only login and identity. Guard now includes things like data protection and threat detection. In other words, it’s not only about who can log in, but also what data is sensitive and what risky behavior is happening across your organization.
Guard Standard vs. Guard Premium
Think of it this way: Guard Standard is your identity backbone, while Guard Premium adds the security operations layer including data security and threat detection. Let’s walk through what each tier includes at a high level.
Guard Standard Features
Guard Standard provides the foundational identity and access management controls that most organizations need as a starting point:
- Domain Verification and Account Claiming, This is how you prove you own your company domain (e.g., example.com). In our video, we navigate to Directory and Domains in the Admin Hub to show a domain that has been added and is going through the verification process. After domain verification, you turn users with that email domain into managed accounts, which are what you can actually control and secure consistently.
- Single Sign-On (SSO), Your users authenticate through your identity provider such as Microsoft Entra ID or Okta, giving you centralized login control. If you have compliance requirements, this is often step one. In the Admin Hub, you find this under Security and Identity Providers.
- User Provisioning via SCIM, This is the automation piece. SCIM will create accounts, update attributes, and deactivate users automatically from your identity provider. This is what prevents ghost accounts and the classic offboarding scramble where departed employees retain access.
- Authentication Policies, This is where you set rules such as whether a domain requires multi-factor authentication. You can control how users sign in with one policy applied consistently across the organization. You can also configure settings around API token usage here.
- Mobile App Management, Helps you manage mobile access to Atlassian apps with organization-level controls. You can create mobile app policies under Security, Device Security, and Mobile App Policies.
- Audit Log, When something goes wrong or an auditor comes asking questions, the audit log helps you answer who did what, when, and where. You find this under Insights and Audit Log in the Admin Hub.
Guard Premium Features
Guard Premium is where you move from identity controls into deeper security and data protection. It typically includes:
- Data Classification (Sensitivity Labels): This lets you label content as public, internal, or confidential and treat it differently based on that classification.
- Sensitive Data Detection: Automatically scans for risky content like credit card numbers or exposed API tokens so you can find problems before they become incidents.
- Threat Detection and Activity Alerts: Can alert you when something looks like unusual login patterns or risky behavior that doesn’t match normal usage.
- Data Security Policies: Allows you to define and enforce rules around how sensitive data is handled across your organization.
- Extended Audit Logs and SIEM Integration: Security Information and Event Management integration means your central security monitoring system can receive Guard events, feeding them into your broader security tooling.
Two important points about Premium. First, it’s designed for teams handling sensitive data, regulated industries, or serious compliance requirements. Second, and this trips people up, Premium is an add-on to Standard. You generally need Guard Standard first, then Premium layers on top of it.
Atlassian Guard Pricing
Understanding the pricing model is essential before you commit. Here’s the current breakdown:
- Guard Standard is listed at $4 per user per month on any plan. It’s included with Atlassian Cloud Enterprise.
- Guard Premium is listed at $8 per user per month as an add-on to Standard.
- There is typically a free 30-day trial available for Guard.
The key billing detail to understand is that Guard is billed per managed account across your organization. Think of it as: who is managed under my domain and policies? That’s the account that matters for billing purposes.
Your Next Steps
Getting started with Atlassian Guard doesn’t have to be overwhelming. Here are three simple steps to take right now:
- Step 1: Go to admin.atlassian.com, open your organization, and find the Guard section. Just confirm what you have today.
- Step 2: If you’re not on Guard yet, start a 30-day trial and plan your rollout, especially if you’re going to claim accounts and enforce single sign-on.
- Step 3: Watch the next episode in our series where we start with the foundation: verifying your domain and claiming accounts. Everything else in Guard builds on that.
If you’re already using Atlassian Access, this is your product now, and there’s a lot of powerful new functionality to explore. Stay tuned for the rest of our mini series where we’ll do detailed setup walkthroughs and demos covering domain verification, account claiming, SSO configuration, SCIM provisioning, and Guard Premium features like data classification and threat detection.
