Software Adoption Blog for Atlassian by ServiceRocket

How to Secure (Almost) Anything in Confluence

Written by Gretchen Pawloski | August 12, 2020
This blog was first published by Dan Luebke on October 27, 2015.  It was last updated on August 13, 2020 by Gretchen Pawloski.
 

Your teams use Confluence to create, organize, and share work, so everyone has visibility  and access to the information they need to do their job. Many of these pages and spaces contain sensitive information such as passwords, customer and employee information, competitive secrets, financial data and more. How do you protect that data from prying eyes, hackers or just someone stumbling through the depths of your Confluence? You use Security and Encryption for Confluence by ServiceRocket. 

Why Does Security and Encryption Exist?

“When Confluence first came out, what it did for our organization is all of a sudden all of our information ended up in the wiki (Atlassian Confluence). And so we democratized content to give everyone access to everything… But some information has to be secure and kept confidential. We created this add-on to do just that."

-Rob Castaneda, CEO and Founder of ServiceRocket

 

Initially released as an internal tool, our IT team began using Security and Encryption to secure passwords, license keys and more that could be hidden from page history and made available when necessary. The value of this protection was immediately clear, so ServiceRocket decided to invest in making an enterprise-grade version. That was just a few years ago, and now companies across the Atlassian ecosystem rely on Security and Encryption to protect sensitive information.

 

4 Things Security and Encryption Does For You

 

  1. Protects your sensitive information

  2. Works with rich text

  3. Helps you achieve compliance

  4. Includes SSO Authentication support

Doesn't Confluence Have Built-in Privacy Protections?

Confluence comes with the ability to restrict specific pages and spaces to specific groups or users. This works well for managing large portions of your wiki. But what if you only want to restrict or a portion of a Confluence page? Or if you want to make certain content available for people who possess a password? Or if your data is so sensitive it should be encrypted so that if your instance is hacked, it remains inaccessible? The solution to all of these scenarios is Security and Encryption for Confluence

 

Here's How It Works

One of the ways the ServiceRocket team uses the Security and Encryption add-on is by encrypting passwords onto pages of our wiki. In this Under the Dome video, Jesse and Rob demonstrate how we do it and employ the Timeout feature of the add-on.

 

3 Steps to Secure a Password in Confluence

1. Add the secure macro anywhere on a page

 

 

2. Provide a title - this will appear on a button where you placed the secure macro

 

3. Provide secret, which in this case is the password we want to protect (but could also be a photo or any other bit of rich text)

 

And you're done!

 

Additionally, you can specify which users or groups (beyond your account) have access to the secure data (after they enter a password).  Plus, with the Secure Macro, administrators have a clear audit trail of who has created, decrypted and edited any secured data.  Now that's security you can trust.

 

For information that doesn't need to be encrypted, but should only be visible to certain users, check out Visibility for Confluence.  Visibility allows you to dynamically show or hide content sections, based on various conditions. Our customers use the app to create knowledge base, project documentation, release notes and user guides in Confluence. 

 

 

 People love powerful, yet simple-to-use products that get the job done. We love building them. We've got your back.

Ready to get started? 

Learn more about Security and Encryption for Confluence, start your 30-day free trial now or learn about pricing. 

View full post