3 Clever Ways to Protect Your Data: Compliance, Classification and Rovo
Did you know that over 40% of organizations still rely on manual compliance processes in Confluence?
On average, those Admins spend over five hours a week identifying outdated content, managing audits, and ensuring documents align with compliance standards.
That’s too much time. So, today we’re bringing you three ideas for smarter, faster, and more automated data control and compliance in Confluence.
1. Centralize your compliance data
Are you already using the Compliance for Confluence app? If so, sit tight – we’ve got more for you in just a moment. If you’re not, then we’ll quickly introduce you to all that our app delivers.
Meet Compliance for Confluence
Created by our teammates here at AppFox, Compliance for Confluence is an Atlassian Marketplace app. As the name suggests, organizations use it to support and enhance their compliance efforts.
For example, with Compliance for Confluence, you can apply a dynamic data classification scheme to your content, scan your Confluence pages for sensitive data and PII (Personally Identifiable Information), and automatically redact said sensitive data.
These measures can form part of your Data Protection or Loss Prevention strategies, and aid compliance with regulatory frameworks and legislation.
Now, time for the new – and exciting – part.
Integrating your compliance data with your wider techstack.
Previously your Compliance for Confluence actions and data would be accessible on your in-app admin dashboard in Confluence. Whilst the dashboard provides a ton of visibility, this has meant that all those valuable compliance insights tended to be siloed away.
We knew that a centralized view would be a game-changer for many – especially for enterprise stakeholders who need oversight of all compliance data, or those preparing for audits or regulatory changes. The solution? We developed a REST API for the app.
The Compliance for Confluence REST API.
With the new API, you can integrate data from the Compliance app with your wider tooling and platforms, such as your BI dashboard. You might, for example, want to pull through the number of active Confluences pages with PII flagged within them, or to extract and report on which pages have had which classification levels applied to them.
Having a central view of this data alongside your other business insights, can significantly enhance reporting, increase efficiency, and reduce context-switching. It’s especially valuable for teams preparing for an audit, reviewing their risk management measures, or who need to evidence their compliance strategy.
You can discover value of integrating your Compliance for Confluence data with your wider tooling today!
2. Create a custom Rovo Agent
Rovo has been a big presence in the Atlassian ecosystem this year, and we’ve been creating new Rovo Agents, ourselves. (If you haven’t already, check out our first app to be powered by a Rovo Agent, Captionizer, available for free from the Marketplace).
There are a number of out-of-the-box Rovo Agents already available on the Atlassian Cloud Platform, but if you’re looking for a more specific use case, you can create your own – either using Rovo Studio, or developing an Agent using Forge.
But how will this help you enhance your Compliance efforts?
Well, using the new integrations made possible with our REST API, you can use Rovo Agents to automate and improve your data compliance processes. For example, we built one to automate the application of data classification levels – resulting in a tighter, more efficient process.
Here’s the detail:
- Using Rovo Studio, and drawing on the new Compliance for Confluence REST API, we created a Rovo Agent to analyze the content of a page and determine which classification level (such as internal, public, or restricted) should be applied.
- First, we asked the Agent to use the API to check which Compliance for Confluence classification levels are available for any given Confluence page.
- With carefully crafted prompts, we then told the Agent to read the contents of said Confluence page(s) and select a classification level based on the sensitivity perceived in the document.
- The Agent then again draws on the REST API to push through the correct Compliance for Confluence classification level.
This custom Rovo Agent removes the need for a human teammate to read each and every Confluence page to flag sensitive data, reducing the risk of human error and PII slipping through the cracks. Alongside this, the Agent also makes the classification process quicker, as it automatically applies a level.
This is, of course, just one example in a world of limitless opportunities when it comes to training Rovo AI to interact with the comprehensive feature set provided by Compliance for Confluence.
Do you have an idea for a custom Rovo Agent, but you’re not sure how to build it?
3. Identify, redact and classify sensitive data
Protecting and managing sensitive data and PII is a core compliance requirement of almost every data protection regulation. But with page upon page of content in your Confluence, how do you know whether you’re storing PII? What can you do to better protect it? And how can you eliminate manual processes and save precious time?
The Compliance for Confluence app will scan your Confluence pages for sensitive data. The app provides preconfigured search queries, and you can create your own using simple queries. Once the specified PII or other sensitive information has been identified, the app will alert you. Compliance for Confluence can also flag which pages don’t contain sensitive data.
Redaction and classification.
So far, so good. You know where high-risk information is stored. But now you need to take action.
Compliance for Confluence takes care of this. When enabled, the app can redact sensitive data once found. Alongside this, you can configure automated page classifications to be added – so whenever a page with PII is flagged, the app can automatically classify it as ‘restricted’ or ‘confidential’.
For auditing purposes, Compliance will store all sensitive data history and actions in an audit log, so you can review past detections, redactions and measures taken.
Using the Compliance for Confluence REST API, you can also pull your insights around sensitive data detection, redaction, and automatic classification levels into your BI dashboard, for that enterprise-level reporting.
Faster, smarter data management and compliance in 3 ways
We’d love to know if you put any of these three ideas into practice, and the impact it has had on your data compliance processes. With API access to the insights provided by Compliance for Confluence, the opportunities are endless.
Ultimately, we want to save your teams as much time and effort as possible, so you’re free to focus on the things that really matter. With centralized Compliance dashboards via the new REST API, custom Rovo Agents and automatic detection, redaction and classification, you should start to see those efficiencies emerge.
Looking for even greater productivity and automation? Why not take a stroll over to the Atlassian Marketplace and check out some of our other apps. From creating complex, multi-stage workflows for Confluence at the touch of a button, to rapidly analyzing and optimizing the health of your Jira instance, we’ve got it all.
