3 patterns for Information/Project Access

This section introduces 3 patterns for organizing your Backlog projects and controlling how users access information:

  1. Internal and external projects for internal/external users
  2. Project for all users
  3. Controlling access via IP address restrictions and enforced 2FA

Pattern 1: Internal / External projects

If you are planning to use Backlog with many members or external partners, consider dividing the projects into “internal/external” projects.

Projects can be separated by department (marketing, support, development, etc.). This is effective for controlling user access to information and can also be applied to joint projects with members of other departments or customers.

For example, we can consolidate interactions with external partners in an external project, while internal coordination and research are carried out in an internal project that’s only accessible by relevant team members. This way there are no worries about confidential information leaking outside of the team. Since information is kept organized in both internal and external projects, we can still track our issues and tasks smoothly.

Scenario: working on a project with external partners or customers

Recommendation:
Consider splitting the project into internal and external projects so that confidential work or research information is accessible only by team members or internal members. In the external project shared with customers, you can also consider adding further restrictions on specific users, such as the “Add issue only” or “View only” restrictions introduced above.

 

Pattern 2: Project for All Users

Although it’s important to limit user access on a per-project basis, there are also situations where we want to communicate work information and issues to all users in the Space. In this case, it’s best to create an all-users project.

By having a project in which everyone can participate, you can inform everyone about important updates, discuss work in issues, and share Wikis, files, etc., so that information is communicated smoothly within the organization.

Scenario: sharing information with all users so that everyone can communicate and share information smoothly.

Recommendation:

Create a project and add all users in the Space as members so everyone has access.

 

Pattern 3: Control access via IP address restrictions and force 2FA

Finally, we’ll introduce the IP address restrictions feature, which you can use to restrict the IP addresses from which users can access Backlog.

For example, an organization may want its users to access projects from the office network and prevent access from home or other unsecured networks. In such cases, the Backlog Space can be set to allow access only from a list of permitted IP addresses.

The Access Control feature is available in Standard plans or higher. We recommend it as a way to prevent unauthorized access by third parties in advance.

Use 2FA (two-factor authentication)
2FA is available for all Nulab account users in the Backlog cloud plans, including the Free Plan; users can voluntarily set up 2FA to secure their accounts.

In addition, administrators can enforce two-factor authentication (2FA) for all users (available for Premium plans and above). This requires all users to enter a 2FA code in order to log in.

Scenario: Limit Backlog user access to permitted connection sources or networks, i.e. IP addresses.

Recommendation:

Use the Access Control setting, which can be found under Space settings; enter the permitted IP addresses into the allowlist.