
Mitigate Risk with Secure Content for Confluence

By Praecipio Consulting on Jun 26, 2018 11:00:00 AM

Sensitive information and the security of that information are becoming increasingly critical for organizations across the globe. GDPR, PHI, HIPAA, PCI, and other sensitive information legislation have had a profound effect on what information can be stored where and who can access it. At the same time, the need for centralization and collaboration across disparate teams has also increased. At Praecipio Consulting, we believe balancing the need for security with collaboration is a critical concept in content management. Secure Content for Confluence Server and Data Center helps users store and manage sensitive information while preserving Confluence's powerful content collaboration.

As the number of users and amount of content grows in Confluence, security becomes almost impossible to manage. As teams are encouraged to collaborate, the need to protect sensitive information such as passwords, data, reports, etc. also grows. While restricting pages can be a solution to protecting sensitive information, Space or Page content restrictions do not scale. Manual intervention from a Confluence or Space Administrator is required or, in the worst-case scenario, sensitive information is unintentionally exposed, putting the organization at risk.

The more users use Confluence, the more challenging content organization becomes. Without the Secure Content macro, we've seen teams use page restrictions, complex page trees, and page or excerpt include macros to manage confidential information. The downside to this approach is the lack of structure it creates inside Confluence. If several restricted pages are created separately from the page discussing the primary topic, not only does this make the content severely disorganized, it introduces an unnecessary risk of accidental exposure of sensitive information. To prevent clutter inside Confluence spaces and mitigate risk, Secure Content protects sensitive information inside the relevant page, eliminating the need to create or reference additional pages.

Secure Content for Confluence Server and Data Center can mitigate this risk with its inline content encryption and robust, yet flexible, permissions. To ensure content is only visible to authenticated users, Secure Content blocks are encrypted before being stored in the database and are only decrypted when an authorized user provides their Confluence credentials. The Secure Content block evaluates the password and if it matches the user's Confluence password, it will authorize the user to either read or read and edit the content inside the block. Additionally, Secure Content uses symmetric AES encryption with a key that is determined when the plugin is first installed. This key is inaccessible even if a user has access to the Confluence Database itself. 

In addition to the encryption functionality, assigning permissions for a Secure Content block helps the owner of the block manage the visibility of each user or user group. There are two conditions that must be met before content is decrypted and displayed for a user or group. First, the user/group must successfully be authenticated using their Confluence password to access the block. Second, the user/group must have permission to read/edit content in the block. Aside from the owner of the block, who will always have read/edit permissions, both conditions must be met to give users entry into the protected content. 
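The encrypt-before-store flow and the two-condition gate described above, modelled in Node.js as an added example; this is not Secure Content's code. AES-256-GCM, the scrypt password check, the names `sealBlock` and `openBlock`, the sample users, and the choice to make the owner re-authenticate are all assumptions made for illustration.

```javascript
const crypto = require('node:crypto');

// Assumption: the instance key is created at install time and kept outside the database.
const INSTANCE_KEY = crypto.randomBytes(32);

// Constructed sample directory; passwords are held only as salted scrypt hashes.
const hashPw = (pw, salt) => crypto.scryptSync(pw, salt, 32);
const users = new Map();
for (const [name, pw, groups] of [
  ['alice', 'alice-pw', ['ops']],
  ['bob', 'bob-pw', ['ops-nights']],
  ['carol', 'carol-pw', ['marketing']],
]) {
  const salt = crypto.randomBytes(16);
  users.set(name, { salt, hash: hashPw(pw, salt), groups });
}

// Encrypt before storage: only ciphertext, IV, tag and the ACL reach the database row.
function sealBlock(owner, readers, plaintext) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', INSTANCE_KEY, iv);
  const ct = Buffer.concat([c.update(plaintext, 'utf8'), c.final()]);
  return { owner, readers, iv, ct, tag: c.getAuthTag() };
}

// Condition 1: the supplied password must match the logged-in user's password.
function authenticate(name, password) {
  const u = users.get(name);
  if (!u) return false;
  return crypto.timingSafeEqual(hashPw(password, u.salt), u.hash);
}

// Condition 2: the user is the owner, or is listed directly or through a group.
function permitted(name, block) {
  if (name === block.owner) return true;
  const u = users.get(name);
  return block.readers.includes(name) || u.groups.some((g) => block.readers.includes(g));
}

// Decrypt only when both conditions hold; a refusal carries a reason, never plaintext.
function openBlock(name, password, block) {
  if (!authenticate(name, password)) return { ok: false, reason: 'bad-credentials' };
  if (!permitted(name, block)) return { ok: false, reason: 'not-authorized' };
  const d = crypto.createDecipheriv('aes-256-gcm', INSTANCE_KEY, block.iv);
  d.setAuthTag(block.tag);
  const text = Buffer.concat([d.update(block.ct), d.final()]).toString('utf8');
  return { ok: true, text };
}
```

Because the key never sits beside the stored row, a copy of the database alone yields only ciphertext, and the GCM tag makes tampering with a stored block fail at decryption.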

Every Secure Content block is assigned a key. A Secure Content key is a self-made unique identifier that allows users to add the block on different pages with the same properties as the original block. This is especially useful for organizations that have hand-offs between teams. For example, an operations team may provide 24/7 support for their internal or external customers. During an incident, credentials to access or reboot a system can be easily shared in a central location and propagated to both business-hours and off-hours operations personnel. This prevents sharing of credentials through unencrypted channels such as text message or email. It also prevents duplication of effort, allowing users to spend more time troubleshooting and resolving the issue.

Combining security and collaboration, Secure Content for Confluence Server and Data Center is the perfect solution to managing sensitive information while leveraging the powerful collaboration abilities in Confluence. It relieves the administrative burden of managing Space and Page restrictions and mitigates the risk of exposure of sensitive information. It allows organizations to maintain an organized content structure without compromising the security of critical systems or personnel. Secure Content makes managing sensitive content inside Confluence organized and protected. Try it free from the Atlassian Marketplace.

If you run into issues with your Secure Content macro, please contact support@praecipio.com for troubleshooting help or information on Secure Content. 


Achieve GDPR Compliance with the Atlassian Stack

By Praecipio Consulting on May 25, 2018 11:00:00 AM

What is GDPR?

If any of your partners, employees or customers are citizens or businesses in the EU, it's time to review your company's compliance strategy. The General Data Protection Regulation (GDPR) is a new European Union privacy standard that mandates that individuals be able to access their personally identifying information (PII), change that information, or "be forgotten" by requesting the removal of that data. These requirements can make achieving backward compliance standards very difficult. This new privacy law will impact everyone, from C-level executives to new hires, and likely every department, including Human Resources, Information Security, Compliance and more. Regulations surrounding GDPR will affect most organizations, large and small, regardless of whether your business does business directly in the EU.

With the right tools and know-how, companies using Atlassian products like Jira and Confluence can not only achieve forward compliance by the May 25, 2018 deadline but also attain assurance that pre-existing content is compliant as well.

Why GDPR?

GDPR was designed to strengthen and unify data for European Union residents, regardless of where their data is used, processed, or stored. GDPR essentially legislates a lot of common sense data security ideas, like minimizing the collection of personal data, deleting personal data when no longer necessary, restricting access, and securing data through its entire lifecycle. But compliance violations can have costly consequences, including fines and penalties: your organization can face damaging penalties of 4% of annual global turnover or 20 million euros.

The GDPR Checklist

Backward compliance

Praecipio Consulting has over 11 years of expertise in Atlassian products alone. As an Atlassian Platinum Partner, we have full-service solutions ready to go to get your organization's pre-existing Atlassian application data within GDPR compliance quickly and confidently.

Praecipio's Solutions Consultants come armed with the tools to identify, review, and address the content that may not be in compliance throughout your Atlassian stack. We will conduct a thorough scan of your application's existing data, including all version histories. We produce reports that help your teams identify violations, and we use that feedback to improve and refine our search algorithms to ensure the highest level of coverage possible.

  • Identify: We use tools and techniques developed in-house to locate potentially non-compliant data within Jira, Confluence and other Atlassian applications.
  • Review: We then provide a detailed analysis and report of our findings and conduct a thorough review of potential violations with your team.
  • Address: Praecipio then incorporates findings from the review into further refinement of identification and generates an execution plan to redact pre-existing content to ensure compliance of your legacy data.

Maintaining Compliance in Confluence with Secure Content 2.0

Once your data is fully reviewed and in compliance, you'll need solutions to keep it that way. After all that effort and expense, you don't want to be one Confluence page edit away from a violation. For Confluence, Praecipio Software offers Secure Content 2.0 to easily secure and limit access to sensitive page content. We use 256-bit encryption to ensure any new content will not expose your organization to penalties in the future.

Your organization can invest considerable time and expense to get your Atlassian data GDPR compliant, but you'll need the tools to keep it that way. Praecipio Software's Secure Content Confluence App, available on the Atlassian Marketplace, gives your team an easy and safe way to store content securely that is both encrypted and with granular-level access control. This means sensitive data is securely encrypted on your database and access set by the author at the group or even individual level.

Secure Content is designed for robust security and ease of use. Ideal for shared, sensitive content such as passwords, data, reports - anything you need to restrict access to; anything that would likely fall under the 'identify and remove' GDPR regulation requirements.

Features Include:

  • Owner Report macro: See all your Secure Content in one place. Drop it on any page and be a click away from all of your Secure Content across the entire Confluence instance for time-saving administration and editing.
  • Transferable ownership: Control of Secure Content blocks can be optionally transferred by the Confluence administrator if needed. Or the owner can lock it down to make sure they maintain complete privacy and control, even from Confluence administrators.
  • Implicit rendering: Less sensitive but still protected data can be optionally made to render automatically with the rest of the page content but only to Authorized users.
  • Access request: Non-Authorized users can request access with a single click, alerting the content owner immediately for action via Confluence notifications.

Custom Compliance Solutions

Praecipio Software's custom development solutions can be engaged as well to address your organization's unique GDPR data security and compliance concerns.


The Secure Content Macro for Confluence

By Praecipio Consulting on May 16, 2013 11:00:00 AM

That’s right, our highly anticipated Secure Content Macro is now available on the Atlassian Marketplace. Secure Content allows you to securely display sensitive data to the right people at the right time anywhere in Confluence.

How does it work?  Secure content blocks are stored, encrypted in the database, and are only decrypted when an authorized user provides their credentials. Users must be logged into Confluence to be able to decrypt a secure content block. Secure Content uses the currently logged in user and ensures that the provided password matches the user’s Confluence password. It’s that simple!

We’re thrilled for the release of this amazing plugin and hope you find it as useful as we have. Click here to download and begin collaborating in secret.

