Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

Is Confluence FINRA WORM compliant?

Daniel EG I'm New Here Aug 18, 2022

I'm trying to figure out if Confluence is FINRA WORM compliant. FINRA WORM compliance refers to FINRA regulations that stipulate that digital records and communications must be stored on WORM media, and that firms must make data available for discovery and provide audit trails of data access, use and destruction.

More about what WORM storage is...

Standing for ‘write once, read many’, WORM storage describes the way of storing data so it cannot be tampered with once created. Therefore, to have WORM compliant storage, firms have to have a system in place that means these records are unalterable and can therefore not be rewritten or erased. At the same time, users must be able to easily access and read this data.

A good way to think about WORM data storage, is that anything stored this way is effectively a snapshot of data frozen in time.

For firms that are serious about WORM compliance, an increasingly popular strategy is the use of cloud-based solutions. Rather than relying on physical records (such as hard drives or physical papers) that can easily be destroyed or interfered with, cloud-based WORM compliant storage is allowing firms to make their data more easily accessible while still protecting it.

A huge benefit of WORM data storage that uses cloud technology is it frees up physical space and means these firms can more easily scale up their storage (rather than having to buy another floor in a building, a business with more records to safeguard can simply purchase a greater share of a cloud).

1 answer

Comments for this post are closed

Community moderators have prevented the ability to post new answers.

Post a new question

1 vote
Jack Brickey Community Leader Aug 18, 2022

Hi @Daniel EG ,

IMO, A question like this is generally best answered by Atlassian directly - 

while the community could provide insight into this if it is mission critical insecurity related then the question belongs with Atlassian.


Atlassian Community Events