Product Update

Introducing Sensitive Data Detection in Confluence Cloud

“Sensitive data” is often seen as a very serious or alarming phrase, and for good reason. The growing number of rules and regulations that govern how information is captured, used, and stored make it an important topic for every organization around the world.

But with so many tools and software applications available to help us all work smarter and faster, how can you keep track of all the information that’s being shared?

Well, the first step to managing sensitive data effectively is awareness and today we’re delighted to unveil an easier way for your data security teams to identify sensitive data that’s stored in Confluence.

Introducing, Sensitive Data Detection 🎉

Sensitive data detection is an exciting addition to the much-loved app, Compliance for Confluence, a fully integrated tool that aims to make data loss prevention easier and more manageable for organizations of all sizes.

So, let’s take a look at sensitive data detection and how it will give your organization greater visibility into the data being stored in Confluence.

The power is in your (admin’s) hands ⚡

Compliance for Confluence is designed to empower admins with an abundance of data loss prevention tools and these are all managed at the admin level in Confluence for greater control.

The new sensitive data detection feature is no different.

Once activated, admins can access a vast range of configuration options, from the types of data being detected, to where and how sensitive data detection will be used in your Confluence instance.

Configure sensitive data detection the way your organization needs

This level of control and customization enables you to use sensitive data detection the way that is right for your organization, and not be restricted to a one-size fits all approach.

But this is only the beginning. We have an exciting roadmap in place so you can expect to see many more options in the future!

Reduce the manual burden on your admin and security teams 🙌

If you have hundreds or thousands of pages being created, edited, or shared every day, keeping on top of the different types of data is an uphill task to say the least – and there could easily be sensitive data located in different places across Confluence.

Whilst every employee has a responsibility to adhere to the rules and regulations that apply to their organization, it’s often data security teams and admins that are responsible for monitoring and governance processes.

Sensitive data detection adds another tool to your armory and will help automate the detection of certain types of high-risk, sensitive data that may be stored in your instance.

Identify areas of risk so you can take action 🔍

As mentioned earlier in this article, the first step to managing and protecting sensitive data is awareness, and this means understanding where its located and what types of information exist. The reality is that many organizations will likely have some form of sensitive data in their Confluence instance and its important to find it.

Whilst this might sound concerning from a risk perspective, it’s always best to be aware of the information so that you can take action to safeguard it from loss or disclosure – and that’s the goal of sensitive data detection in Compliance for Confluence.

Once sensitive data detection has been activated in your Confluence instance and the data types have been selected, Compliance will scan all the required pages for sensitive data that matches the chosen detection criteria. If any data is detected, it will be highlighted to admins in the Sensitive Data Search.

Sensitive Data Search in Compliance for Confluence

This is the central repository of all sensitive data detected by Compliance for Confluence and the place you should refer to.

You’ll notice that each of the data detections will display the data type (e.g. credit card number), the Confluence page and the space it was detected on (hyperlinked for easy access), the page author, and finally the date and time that this data was detected.

What types of sensitive data can be detected? 🤔

Ah we knew this question was coming! And understandably so 😉

This is version 1 (the alpha) of sensitive data detection so we’re starting out with just a few detection types. There is a pretty extensive roadmap in place for future improvements so you can be sure to see some exciting additions being added to the detection list in the near future!

As of now, sensitive data detection can detect four different types of data:

  • Email addresses
  • Credit card numbers
  • Telephone numbers
  • Usernames
Sensitive Data Detection Types

For more information on these data types and how to activate them in Compliance for Confluence, check out our Data Detection Types guide.

Sensitive data detection has been designed to reduce the number of false positive detections, so you can be laser-focused on the real areas of risk. For example, only valid credit cards (matching recognized formats) will be detected. Simply adding a string of numbers that match the length of a credit card to a Confluence page will not trigger the detection in Compliance.

Just remember, this is the first version of sensitive data detection and you can expect to see the available data detections to expand significantly in the future, as well as the introduction of enhanced reporting and notification capabilities. We’ve got exciting plans in place!

Control where sensitive data detection operates 🕹️

You are in full control of sensitive data detection and where it scans for data.

The Scope configuration settings enable you to choose where sensitive data detection is activated for your entire Confluence instance (globally), or on a space-by-space basis.

Control where sensitive data detection will operate

As you can see, you have the ability to include or exclude personal spaces from the detection itself, giving you greater control over how this powerful tool works for you and your organization.

Manage the types of information that will be detected 👮‍♀️

There be some scenarios where you want to exclude certain types of data and information from being picked up by sensitive data detection.

Let’s say, for example, you have an internal group email address that you want to share with employees in your Confluence instance. By default, sensitive data detection will identify any email address that is stored in your Confluence pages and flag it as sensitive data.

Excluded sensitive data in Confluence

The exclusion rules in Compliance for Confluence allow you to exclude certain types of information from being detected and your group email address will no longer be flagged. Nice and easy!

Exclusion rules are pretty flexible and there are many examples that may apply to your organization, so be sure to check them out!

It’s time to experience real-time sensitive data detection in Confluence

If you’re looking for an easier way to identify sensitive data and areas of risk in Confluence cloud, you can get a free 30-day trial of Compliance for Confluence and put it to the test.

But just remember we’re here to help whenever you need us. If you have some questions about the new sensitive data detection feature or would like a walkthrough of Compliance for Confluence, just reach out to our team and we’ll be happy to help!

In this article:
About the author:
Craig Willson
Craig Willson
Craig is a product marketer at AppFox who spends his time helping Atlassian and monday.com users get the most out of their most important (and loved) software. When he's not at work, you'll find Craig spending time with his family, watching football, or out walking his dog in the glorious British weather (aka rain).