In today’s digital world, there are many rules and regulations about how data and information is used. Many companies will have their own data handling policies relating to the management and use of sensitive information. With Compliance for Confluence, you will have access to some of the tools needed to manage information contained on Confluence in the right way. You can add page classification levels, restrict access to certain Confluence pages and use automated actions when sensitive data is detected. It’s easy to install with no setup required.
Classification of Documents
Data classification requires tagging data being stored to make it easily searchable, trackable and more efficiently protected. At a basic level, this involves defining a number of classification levels and assigning these to pages, clearly displaying the level on the page. In order to secure the data, your organisation should also restrict who can access pages of a certain level (or clearance).
Compliance for Confluence lets administrators customize each level's name, description and color.
The App can either operate in an ad-hoc or forced mode for the users:
Ad-Hoc - Users can set a pages' classification at their leisure from the top of any page.
Forced - Users must set the classification level on creating or updating a page (if it doesn't already have a level).
When a page has been classified as a certain level, it is clearly displayed on the top of the page (or a macro), alerting anyone viewing the page about data handling procedures with the particular content (e.g. whether it is public or internal only).
The App, depending on the Space-level configuration allows Space administrators to set which users/groups can view pages of a certain level
Extraction and Redaction of Sensitive Data
Your organisation should also be aware of what data is being stored within these pages, to ensure that the security policy is being followed. This includes data such as credit card numbers, national identity numbers, email addresses, IP addresses or other data like Sort Codes. Using an automated sensitive data detection system lets you identify sensitive data in the data library with a high level of confidence.
In large Confluence instances it is difficult to track if/where this data is being stored. Companies who leak sensitive data can be fined by regulators and so it is essential that you have an effective data detection system on your enterprise systems.
Compliance for Confluence provides a mechanism of detecting sensitive data using regular expressions, which can detect text which conforms to a certain pattern.
The App comes with several pre-installed patterns ready to be enabled and scanned for on pages as well as the ability to create your own patterns.
Search and Filter through your Documents
Compliance Search allows you to search and filter through your documents all in one place. This gives you an efficient way to view your pages with ease and inform you on the Classification level and where sensitive data has been detected.