Get product advice from experts

Ask a question →

Join a community group

Find a group →

Advance your career with learning paths

Take a free class →

Earn badges and rewards

Connect and share ideas at events

See the calendar →

Community
Products
Confluence
Questions
private, truly private Confluence space

private, truly private Confluence space

is there a way to make a Confluence space private, really private? I mean is there a way to hide the pages of a Confluence space even from Confluence administrators but keep the Confluence administrators allowed to manage the space ?

1 answer

2 votes

No. To do their job, an administrator needs to be able to, well, do admin. That includes the ability to change permissions in ways that could grant people (including the admin) the rights to see any page in the space.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

@Nic Brough -Adaptavist-

yes this is a big problem, a classic IT problem. My client would like to manage HR records for employees and obviously in that case a Confluence sysadmin could potentially see all the confidential notes of each employee in the company.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Like

No matter what you do, you have no choice but to trust your admins. Even if you set up a separate Confluence, you'll still need to trust the administrators of that Confluence.

This is not a problem anyone solves by crippling people's ability to do their job, you need to have procedures and human controls in place to ensure you can trust your admins.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Like • Consulente Atlassian likes this

@Nic Brough -Adaptavist- in a nutshell is what I told my client. Few Confluence admins can be counted on the fingers of one hand. And trust.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Like

Why are you (well, your client) giving admin access to people they can't trust?

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Like • Consulente Atlassian likes this

@Nic Brough -Adaptavist- no, it's not that, it's that I come from a military background. Access information only if you have a need to know and only for as long as necessary. I expect this to work in enterprise applications. Lotus Domino for example already did this in 1986... you could administer permissions and content without having to see it.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Like

I've worked in those environments too, and I can tell you that you need the people and processes to trust your admins.

Your example of Lotus Domino is no better than what Confluence can do. If you're a Domino admin, you can always configure the system to allow yourself in. You have to trust your admins.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Like

Reply

Suggest an answer

Log in or Sign up to answer

Was this helpful?

Thanks!

DEPLOYMENT TYPE

SERVER

TAGS