Atlassian introduced soft-delete policies to prevent the accidental deletion of sites during maintenance or service outages. The update follows a recent incident where hundreds of customer sites were accidentally deleted.
In April, Atlassian was hit by a major cloud system failure after running an incorrect maintenance script. A total of 883 sites and customer data were unintentionally deleted immediately, affecting 775 customers.
In an attempt to prevent the incident from happening again, Atlassian introduced soft-delete policies. The soft-delete policies require site, data and meta-data deletions to be verified before being processed. According to Atlassian, this process should prevent any errors.
Atlassian soft-delete policies
Any operation that requires deletion processes must first be tested within Atlassian’s own sites. Once the processes are validated, and it becomes clear that they won’t delete data unwisely, the maintenance processes are implemented for customers. Here, too, tests are carried out first to ensure no unexpected deletions occur. This makes it impossible for external scripts or systems to delete customer data in production environments.
In addition, the soft-delete policies have retention capabilities. This allows for faster recovery of sites and data. Only after a retention period expires is data removed from production. Furthermore, Atlassian is redefining its management and communications surrounding large incidents.