Atlassian data centre EOL app guide: Moving with confidence
TL;DR
On 8 September 2025, Atlassian announced Atlassian Ascend and a firm end‑of‑life date for most Data Centre products: 28 March 2029 at 23:59 PST. Support winds down in phases from 30 March 2026. Migrate early to reduce cost and risk, and to unlock cloud‑only capabilities in scale, security and AI. Easy Agile Cloud Concierge is a free migration and education package (valued at US$9,000) for customers who migrate before 1 Jan 2027. Easy Agile’s track record: a 100% success rate migrating from Data Centre to Cloud with Easy Agile apps.
What’s changing
On 8 September 2025, Atlassian introduced Atlassian Ascend, a programme to transition Data Centre customers to Atlassian Cloud. The change provides a three‑year runway, with continued technical support through to 28 March 2029. Jira Align (self‑hosted) follows a separate policy and is not included in this EOL.
Who’s affected
Organisations running Jira Software, Jira Service Management, Confluence, Bamboo, Crowd on Data Centre, along with their mobile and Marketplace apps. Bitbucket Data Centre customers use the hybrid licence path rather than EOL.
Most teams run several Marketplace apps alongside Jira and Confluence. These apps are in scope for the Data Centre timeline and will follow the same end dates as your host products. Plan their move early to avoid gaps in capability.
Key dates and decision points
- 30 March 2026 at 23:59 PST: New customers can no longer purchase new Data Centre subscriptions or new Marketplace Data Centre apps.
- 30 March 2028 at 23:59 PST: Existing customers’ last date to purchase new Data Centre subscriptions, Marketplace apps, or subscription expansions.
- 28 March 2029 at 23:59 PST: End of life for impacted Data Centre products and Marketplace apps. Licences expire and environments become read‑only.
Why act now
Waiting compresses timelines and increases risk and reduces feature parity between cloud and data centre applications as organisations reduce ongoing investment in data centre apps.
Renewals cannot extend beyond 28 March 2029, which creates deadline pressure. Running in read‑only mode after EOL increases exposure because no new security fixes will be provided. App roadmaps may change as the EOL nears, so early assessment gives more options. Moving sooner lets teams adopt cloud‑only capabilities across Atlassian and Easy Agile apps.
Risks of waiting include rising cost from prorated renewals, reduced supportability as fixes narrow to critical issues, and tighter windows to validate Marketplace app paths.
Access to new cloud benefits will be immediate in the cloud with:
- Increased feature richness for core atlassian and Easy Agile Apps,
- Atlassian Cloud Fortified standards combined with SOC2 for stronger security posture across Easy Agile Apps
- Continuous performance improvements and faster innovation on cloud
- Reduced admin overhead
Third‑party apps, zero surprises
Treat Marketplace apps as first‑class in your plan. Bring them with you so teams keep their rhythm. A short review up front removes most app uncertainty. Use the Jira or Confluence Cloud Migration Assistant to see what you have, then make clear, simple calls.
Your app plan in six steps
- Check Cloud availability. Confirm a Cloud version exists and note any feature gaps that matter to your teams.
- Know the migration path. Record the path for each app: Automated, Install only, Vendor guide, Upgrade required, Contact vendor, or No path.
- Decide and document. Choose to keep, replace or retire. Prefer simple paths and strong security.
- Engage vendors early. Share your target window, ask for pre‑checks, data mapping and rollback advice.
- Test in a sandbox. Run a test migration. Validate data, permissions and integrations with app owners.
- Cut over with care. Pick a low‑risk window. Communicate the change and support channels.
A seamless migration path with Easy Agile
Easy Agile has guided dozens of migrations with a 100% success rate for customers using Easy Agile apps. It’s made easier with Easy Agile apps integrating with the Jira Cloud Migration Assistant (JCMA) to support migrations to Cloud. To ensure the 100% success rate, beyond JCMA Easy Agile still recommends a structured path to migration with early planning and app vendor engagement at the heart of success:
- Discovery and alignment to set goals and metrics;
- Engage with vendors to lock in resource to support migration dates and dive into the traps and planning pitfalls early;
- Readiness and architecture to confirm identity, environments and data residency;
- App assessment to audit Marketplace apps and document keep, replace or retire decisions - focusing on cloud security and migration simplicity to make the call;
- Test migration into a sandbox to validate data, permissions and integrations;
- Cut‑over in a low‑risk window with clear communications and vendor support;
Self-serve learning modules with training and success tracking. Where features differ, use guides to find practical workarounds or replacements so teams keep their rhythm flowing.
“Today’s data centre end of life update may bring questions and uncertainty, and we understand. But the move is achievable just as it was with Server across core Atlassian tools and third-party apps but it’s the teams who plan early that avoid the eleventh-hour rush and reduce risk.
We’re confident in our apps and support, with a 100% success rate migrating dozens of instances, which means our customers can maintain their ways of working without the stress many feel now.
Once on cloud, the benefits are significant across both core Atlassian tools and third party apps like Easy Agile with added functionality to make team work easier that’s not available on data centre.
It’s an exciting moment for teams who plan, engage their partners and vendors, and make the shift.”
Mat Lawrence — Easy Agile CEO
Cloud Concierge: Migration help, on us
Cloud Concierge by Easy Agile
Free for customers who migrate before 1 Jan 2027, valued at US$9,000. It includes a migration readiness workshop for stakeholders and admins, an app compatibility review focused on Easy Agile apps, a success plan with timelines and risk mitigations, sandbox and test migration guidance, and office hours across test and cut‑over. Eligibility is subject to availability and standard terms. Ready to move? Book your Cloud Concierge session.
FAQ's
Can we stay on data centre with Easy Agile?
You can stay with us as long as your Atlassian environment remains which means you can renew through to 28 March 2029. After that your Atlassian instance becomes read‑only at which time our apps will be impacted. The later you leave it, the less time you have to remediate, test and train.
Can apps move at the same time as core Atlassian tools?
Absolutely, our apps move seamlessly. We’ve done dozens of migrations directly with end users, and via our partner community with 100% success rate. There’s no risk or reason not to move your apps and maintain your ways of working to reduce disruption to team productivity.
How is security and compliance handled on Cloud?
Easy Agile on cloud offers certifications including SOC 1 and SOC 2 and Cloud Fortified so you know your new app is secure.
How about performance and latency?
Cloud scale limits and performance have increased meaning Easy Agile apps perform perfectly on cloud.
What if we have had a failed migration before?
Easy Agile can’t support your overall Atlassian cloud migration. Your best bet for support is to contact one of our expert partners.
How does Easy Agile support after cut‑over?
Cloud Concierge includes office hours support and on-demand training to help teams settle into a new UI, additional features, and realise cloud benefits with Easy Agile apps. We also offer select classroom style reonboarding to help teams settle and find their groove fast.
How do I get started?
Move early, move calmly, and get expert help. Book Cloud Concierge to secure your free migration and education package and set a confident path to Cloud.
Related Articles
CompanyEasy Agile is now SOC 2 Type 1 and 2 certified
We are thrilled to announce that Easy Agile has successfully achieved SOC 2 Type II compliance, a significant milestone in our unwavering commitment to maintaining high standards of security and privacy.
What is SOC 2 Type II Compliance?
System and Organization Controls (SOC) 2 is a widely recognized security standard developed by the AICPA that specifies how organizations should manage customer data. A SOC 2 report is often the primary document that security departments rely on to assess a service provider's ability to maintain adequate security.
Service providers like Easy Agile voluntarily undergo a rigorous audit and assessment to ensure their security controls meet AICPA’s Trust Services Criteria, including:
- Security
- Availability
- Processing integrity
- Confidentiality
SOC 2 compliance comes in two forms: A SOC 2 Type I report describes the design of a service provider’s system controls to meet relevant trust criteria as of a specific point in time, while a SOC 2 Type II report details the operational effectiveness of those systems controls to perform as designed over a specified period. An independent auditor, Johanson Group, has reviewed and certified that our processes, procedures, and controls are properly designed to meet the SOC 2 standards.
What does this mean for you?
Our achievement of SOC 2 Type II compliance means that when you use Easy Agile's services, you can continue to do so with the confidence that we have robust controls in place to secure your data. We believe that security is a shared responsibility, and this milestone is part of our ongoing effort to provide transparent and secure practices that support your business.
We want to thank you for your trust and support in Easy Agile. Your data security and privacy are our top priorities, and we are committed to delivering services that not only meet but exceed industry standards.
When is ISO 27001 coming?
Now that we've completed our SOC 2 Type II compliance we'll be setting our sights on ISO 27001 compliance in the next 12 to 18 months.
Where can I learn more?
Visit our Trust Report to access security reports and monitoring.
For any questions or more information about our SOC 2 Type II compliance and what it means for you, please feel free to reach out to our team at security@easyagile.com.
ProductEasy Agile's getting onboard the Cloud Fortified train
What is Cloud Fortified?
The Atlassian ecosystem keeps growing, and today there are over 5,300 apps and more than 1,600 partners, with customers installing so many products that meet a multitude of needs.
Atlassian products set a strong foundation of security and reliability and it only makes sense that the apps that clip onto these products are just as safe and secure. This is particularly true for enterprise organizations pursuing cloud migration who want to ensure their apps meet cloud security standards.
Enter Cloud Fortified.
The Cloud Fortified program and badge makes it super simple for customers to identify enterprise-ready cloud apps with additional security, reliability, and support.
In November 2021, the Easy Agile team proudly said “Wooohooo!” as we became Cloud Fortified across our full product range 🙌 🙌
Easy Agile Trust Center: You have put your trust in us and our products. Maintaining this trust will continue to be our priority.
What Easy Agile apps are Cloud Fortified?
Easy Agile TeamRhythm
Support your team from planning through to release and retrospective, and deliver products that your customers value, with our intuitive, agile solution in Jira.
Try Easy Agile TeamRhythm for free here
Easy Agile Programs
The complete PI Planning solution for Jira. Ideal for distributed, remote or face-to-face Program Increment Planning.Try Easy Agile Programs for free here
Easy Agile Roadmaps
The simplest and most flexible roadmapping tool for Jira.
Try Easy Agile Roadmaps for free here
Easy Agile Personas
A customer centric approach to backlog refinement.
Try Easy Agile Personas for free here
Why is Cloud Fortified so important?
At Easy Agile, our customers are our highest priority. Cloud Fortified demonstrates our commitment to cloud security based on Atlassian’s programs and standards. It also is an easy way for our stakeholders to know that we meet Atlassian-aligned performance and reliability requirements and abide by strict support SLAs for an excellent cloud experience at scale.
Maximum security and continuous monitoring
Our Cloud Fortified apps are subject to the following four initiatives, which identify vulnerabilities at scale and shows our commitment to fixing these vulnerabilities and meeting Atlassian’s security baseline:
- Ecoscanner: Atlassian’s Ecoscanner platform continuously monitors all Marketplace cloud apps for common security vulnerabilities.
- Vulnerability Disclosure Program: Through this program, customers and security researchers can report cloud app vulnerabilities to Atlassian and Marketplace Partners. Atlassian runs this program and defines the parameters for all cloud apps.
- Cloud App Security Requirements: Atlassian has defined a minimum set of mandatory requirements that all Marketplace cloud apps must meet to ensure security best practices across our ecosystem.
- Security Bug Fix Policy: All Marketplace Partners are expected to meet Security Bug Fix SLAs to ensure cloud app vulnerabilities are addressed promptly.
Easy Agile also actively invests in two additional programs:
- Marketplace Bug Bounty Program: Through this program, we proactively combat security risks before they arise by incentivizing security researchers to find vulnerabilities
- Security Self-Assessment Program: Through this program, Easy Agile complete an annual security assessment that Atlassian reviews and approves.
Reliability at Scale
As Cloud Fortified apps, Easy Agile products undergo additional checks for service reliability and performance at scale, measured and monitored against service level indicators and objectives. We also proactively check to ensure future compatibility with Atlassian’s Jira to avoid disruptions. This means our Easy Agile apps are less likely to break in response to a Jira update.
As part of the Cloud Fortified certification, Easy Agile were also required to confirm our incident and change management process, that is integrated with Atlassian’s to allow for faster recovery time and continuous improvement. That means in the case of an incident there is a verified process to get back online fast.
Responsive Support
When you need help with one of our products, know that we will be there. Our Cloud Fortified apps abide by strict support SLAs. If one of our Easy Agile apps has a problem, we will get back to you within 24 hours, 5 days a week during local business hours.
Read more about our Service Level Agreement and commitment to you.
Learn more about our Security practices
The Easy Agile Trust Center has been created to help you and your team feel confident in our products security, reliability and privacy. If you want to learn more about how we are looking after your security needs, visit our Easy Agile Trust Center.
ProductHow to Improve Software Security: Start With These 6 Key Steps
Software security—it’s definitely not the sexiest of topics, but it’s an important one. When not prioritized, it can lead to devastating results for developers, stakeholders, and users.
Software security isn’t about strong passwords or authentication. It happens long before, while a product is being built. By implementing best practices early in the design process, software developers can embed rigorous security measures into every aspect of a product's design.
In this post, we’ll share 6 critical strategies for improving and maintaining software security.
As a Platinum Atlassian Marketplace Partner, Easy Agile products adhere to stringent security measures.
The importance of software security
Customers depend on their applications being secure. Software security protects against malicious cyberattacks, hacking, and other online risks. It’s a prevention method that addresses security early rather than waiting for security issues to occur.
The number of cyberattacks increases every year with no sign of slowing down. More and more of our business practices and personal lives are moving online, which means there are more and more opportunities for hackers to exploit.
This is why it is critical that software designers understand the gravity of software security and put security protocols front and center in the design process. When issues and vulnerabilities get spotted early, you can address them quickly and with fewer costs.
How to improve and maintain software security
Software security is an ongoing process. You always need to work to improve your security by investing in training, making security part of your software design process, and meticulously testing for potential vulnerabilities.
Follow our 6 strategies to improve and maintain your software security.
📖 READ: Easy Agile Trust Centre - Our commitment to you
1. Make security decisions at the design level
The best way to prevent a security risk is by building security into the earliest stages of development. Keeping software security top-of-mind while making any design decision will prevent attacks from disrupting your product.
Putting in the time early in the design process will save time later on, and it’s much more cost-effective than a break/fix method that deals with issues as they occur. You can safeguard the security of software and prevent security breaches as well as dangerous software defects if everyone on your team addresses security throughout the design process, especially when making big product decisions.
Just like keeping customer needs at the forefront of decision-making, consider security every step of the way. A security breach or application downtime could negatively impact your stakeholders and users severely.
2. Invest in team training and education
Security is only as strong as your weakest link, which is why it’s so important to invest heavily in employee training. Regularly training your team in software security best practices will ensure everyone is on the same page about what’s expected, where in the software development life cycle (SDLC) security is addressed, and how to keep up with the evolving security landscape.
Malicious attackers are always coming up with new ways to disrupt and exploit software, so it’s important that teams are regularly trained and updated about how to keep up with security requirements.
Don’t only train new employees in computer security. You should provide secure coding training and other safety tutorials for all software engineers, no matter their rank or experience. Require mandatory participation and ensure compliance. Everyone needs to be on the same page about how important software security is in the design process. This means introducing new training and reviewing basics multiple times a year.
Have team members complete test runs or simulations of phishing attacks that will help them improve intrusion detection. The sooner they can shut down an attack, the less damage will be done. Practicing this exercise regularly will ensure the entire team knows exactly what to do in the event of a cyberattack.
3. Have set policies and procedures in place
Your policies around security need to be clear and available to all team members. Ensure you have thorough protocols in place to make sure nothing slips through the cracks.
What are your current processes for ensuring software security is addressed throughout software development? Who is in charge of maintaining and updating these protocols and security controls? Does everyone on your team know about these protocols, and are team members up to date on what’s expected?
4. Embed software security within your SDLC
Make software security part of your software development life cycle (SDLC). Intentionally including it in your SDLC will make sure building secure software is an aspect of your standard business practices.
Ensuring security is adequately represented in your SDLC will take time, but it’s well worth it. Put in the time upfront for tasks like searching for security vulnerabilities, security remediation, and code review, completing a risk analysis, and conducting software composition analysis. The sooner you can address bug fixes and vulnerabilities, the better.
5. Complete risk analysis and rigorous testing
Test, test, test. The sooner you spot a vulnerability, the sooner you can begin fixing it. The more you test, the more likely you are to find issues, vulnerabilities, or software defects that cybercriminals are going to exploit.
Complete thorough risk analysis and various forms of testing early and often. Use a variety of analysis techniques for application security testing, such as penetration testing (or pen testing), which can identify the many ways your system’s vulnerabilities can be exploited.
6. Implement least privilege access
The principle of least privilege (PoLP), also known as the principle of minimal privilege or the principle of least authority, is an information security concept and practice that gives modules (such as users, programs, or processes) the bare minimum level of access or permissions required to perform their or its standard job functions.
Least privilege refers to a person or program’s authority to bypass security restraints. It’s a cybersecurity best practice that protects privileged access to high-value data and assets. Such access should only be given out on a need-to-know basis to safeguard against security issues.
An intern or temporary employee won’t have the same access as a manager or business owner. They’ll only be given exactly as much access as is needed for them to complete their job.
Privilege creep can also be detrimental to your security. This happens when access control and other privileges are not revoked by administrators once they are no longer needed, such as at the conclusion of a project or after transitioning into a different role. Ensure you have protocols in place for how leaders within your business keep track of access. How often do you assess your user privileges? Who is responsible for this task? Will you put security teams in place?
A quick recap and additional resources
Let’s go over these critical software security steps one more time:
1. Invest in team training and education.
2. Make security decisions at the design level.
3. Have set policies and procedures in place.
4. Embed software security within your SDLC.
5. Complete risk analysis and rigorous testing.
6. Implement least privilege access.
There’s plenty more where this came from. We are dedicated to helping teams work better with agile tools and practices. We make plugins for Jira that have simple, collaborative, and customer-focused functionality, including;