What are the best practices with Confluence restricted pages regarding outsourcing?

We have sensitive information on our Confluence we don't want to share with anyone who has access to our instance.

Today each space administrator has his/her specific scheme to handle that. But now we want to standardize the "security" scheme of every space.

Has anyone any thought about this topic? any reference about best practices?

 

Thank you in advance

1 answer

1 accepted

This widget could not be displayed.

Best practise is to create groups, with each group having view permissions to just the spaces that the people in that group should be able to view.

Add users to the appropriate group(s) in the User Management console.  Then they'll only be able to see the spaces that the group(s) they're a member of can view. 

Remember to remove the confluence-users groups from the permissions for each space, as this is the default group that everyone is a member of.

Thank you for your answer

A good very way to start the discussion smile

That way, you implement security at the space level.

 

But my concern is also about the security within the space.

I'm aware about page restrictions but I wonder how would you structure a confluence space to limit access to some "sub-spaces"

To structure a space so that people can only see parts of it you need to understand Confluence's inheritance and cascading structure.

Page permissions use inherited and cascading permissions.

"Inherited permissions" means pages you create inherit their permissions from their parent page.

"Cascading permissions" means changing a page's permissions will change the permissions of the existing child pages as well.

All new child pages inherit their permissions from their parent.

Changing the View permissions for a parent will cascade to all existing child pages, unless you've set specific permissions on those child pages individually.

Changing the Edit permission for a parent will NOT cascade to existing child pages. If you want to set Edit permissions on the child pages you'll have to do it on each page individually.

 

Does that cover what you want to do?

Yes, thank you for your insights

Suggest an answer

Log in or Sign up to answer
Community showcase
Posted Monday in Confluence

Why start from scratch? Introducing four new templates for Confluence Cloud

Hi my Community friends!  For those who don't know me, I'm a product marketer on the Confluence Cloud team - nice to meet you! For those of you who do, you know that I've been all up in your Co...

403 views 4 6
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you