Identifying Sensitive Data
Bruno works as a Product Manager for a large business who have been preparing for their upcoming product launch. A few days ago, Bruno found Confluence pages which contained some company Credit and Debit card numbers which would be costly if they fell into the wrong hands.
Bruno needs to set up notifications so he is made aware of sensitive data being added to Confluence. He also needs to ensure sensitive data is redacted so that no one can view the information.
Compliance for Confluence can help Bruno with automated notifications and redacting data when sensitive information is added to a Page.
Sensitive Data Detection
Dealing with Sensitive Data
Configure Scan Options
Sensitive Data Redaction
Identifying Sensitive Data
Bruno decides the Data Extractions that are going to be searched for throughout the company’s Confluence instance. The data extractions he will set the Compliance for Confluence to search for are Credit Card and Debit Card numbers. Credit and Debit cards have unique combinations and each provider follows a different structure, he opts to create his own universal card regular expression. Using the following website he learns how to create a Credit Card regular expression, which he adds as a Custom Extraction to his existing list of Extractions.
Compliance for Confluence provides you with an unlimited number of custom extractions, and gives you the freedom to define your own Regular Expressions which select the data you need to extract.
Bruno visits the Detection Settings to specify which Spaces will be scanned for sensitive data, and to set the frequency of the scans.
Compliance for Confluence allows for three different kinds of Scans:
Real Time - Analyses pages automatically whenever a Page is created or updated
Scheduled - Schedule an analysis on a particular schedule (Once a week by default)
On Demand - A manual scan of all pages in the Confluence instance.
Each allows your pages to be indexed and allows for detection of Sensitive Data.
He then configures the Scan Scope and Options to search through pages in Real Time to scan all of the pages in the Confluence Instance. Scans have a large number of available options, such as the Spaces and Pages you scan, along with the frequency and scheduling of the scans.
Now his Scan is ready to go. He specifies the extraction he created earlier and adds multiple actions to redact and email users when the sensitive data is found.
Compliance allows users to Label, Classify, Redact and Email when an extraction is detected.
Bruno has decided to create an Automation Rule, that will send him an email and Classify the Page whenever one of his Extractions has been detected. This informs him when any Sensitive Data is detected on his instance and will also make sure that the pages are Classified and Restricted correctly.
In addition to receiving the notifications, Bruno can use Compliance for Confluence’s browser to search through all the detected data. The browser shows the pages and spaces where data has been detected allowing Bruno to identify if there are any pages or spaces where this is happening more often.
As you can see, Compliance for Confluence gives you a great way of detecting what information is being stored in your system and helps you to comply with regulations.