In the previous chapters, you configured your Jira to capture data with customized screens and fields, and processed the captured data through workflows. What you need to do now is secure the data you have gathered to make sure that only authorized users can access and manipulate issues.

Since your HR project is used by the internal team, what you really need to do is put enough permissions around your issues to ensure that the data they hold does not get modified by other users by mistake. This allows us to mitigate human errors by handling access accordingly.

To achieve this, you need to have the following requirements:

• You should know who belongs to the HR team
• Restrict issue assign operations to only the user that has submitted the ticket and members of the HR team
• Do not allow issues to be moved to other projects
• Limit the assignment of tickets to the reporter and members of the HR team

Of course, there are a lot of other permissions we can apply here; the preceding four requirements will be a good starting point for us to build on further.