To create a policy,
Click Create new Policy. A New Policy page displays.
Give the policy a name and description.
DLP policies are a set of rules that include specific conditions, actions, and exceptions that monitor and filter data. DLP policies also enable you to remediate any leakage of sensitive information from within your organization.
You can set up policies to scan data that is sent through some or all applications within your organization.
You can configure policies and choose to not apply them all the time.
Before you define a policy, or a set of policies, we recommend that you define the objectives of each policy, which can then be fulfilled when you configure the policy.
Here are a few important questions to ask before configuring your policies:
What data do you plan to monitor?
Where within the organization do you want to monitor?
What should be the scope of each policy?
What conditions must apply for the policy to match?
What exceptions/exclusions can be allowed?
What remediation actions should the policy take?
You can now configure policies on the Confluence integration to determine which workspaces and pages must be monitored, and which ones excluded. You can also automate the remediation actions that you want Nightfall to perform on a policy violation.
Configuring DLP policies on Confluence involves the following steps:
Refer to Creating Policies for the procedures to configure policies for Nightfall for Confluence.
Policy scope includes all the spaces that the policy monitors within Confluence. You can configure to include or exclude pages or spaces from the policy scope.
Select Everything or Choose Spaces.
You can add the pages you want to exclude from scanning by the policy
Click Choose Pages to select the Spaces that must be included in the policy.
Enter the Pages and projects separated by comma.
Click Add to complete defining the policy scope.
Now you must create the detection rules that define the types of sensitive data that Nightfall scans and capture any violations. A detection rule can be one detector or a combination of detectors and confidence levels/findings that will define a violation or finding and record it.
To learn more about Detection Rules and how to set them up, refer Detection Rules.
Nightfall recommends configuring a simple detection rule to start with.
To create a Detection Rule,
Click Detection Rule.
Select one or more rules and click Add. Nightfall DLP for Confluence allows for a maximum of 10 rules within a detection policy.
Click Add. The Detection rule is created and displays in the policy. Now you can configure the actions that Nightfall must perform on violations that the detection rule finds.
Google Drive's accesss management is driven by permissions that different users have within your organization.
To configure permissions,
Select the permission options.
Select who the permissions are shared with.
To allow specific users or groups, click Users and Groups.
Click Confirm.
Nightfall DLP for Confluence provides the following actions that can be performed on violation findings:
Notifications to the ticket editor via Slack or Email.
Supported as a manual and automated remediation action.
Attachment is deleted.
Not supported on tokens within fields and comments.
Supported as a manual and automated remediation action.
No text to convey file was deleted.
Supported on ticket fields and comments. Un-supported on attachments and labels. Ticket history is not redacted.
Supported as a manual and automated remediation action.
Text added to convey redaction - [Sensitive data redacted]
Select the automated actions you want performed. Now, you can configure alerts.
