Guard Detect sends an alert when potentially sensitive data is detected. The alert includes an excerpt of the sensitive data to help you investigate. If you determine that the data is sensitive and should not be stored in Jira, you can choose to redact the data directly from the alert.
When you redact, the sensitive data is deleted and replaced by a solid bar, and can’t be restored. What happens when data is redacted?
Who can do this? |
Redact from an alert
The data that will be redacted is highlighted red in the excerpt. If there’s more than one instance of the sensitive data in the Jira work item, you’ll be able to choose which instances to redact.
To redact sensitive data from an alert:
In Guard Detect, select Alerts from the header.
Navigate to a content scanning alert.
Review the highlighted sensitive data and investigation steps to determine if the data should be redacted.
Select Redact.
Choose which instances to redact.
The sensitive data will be deleted and replaced by a solid bar in the fields where it appeared and in the issue history. This can take a few minutes. We’ll let you know when it’s complete.
Each instance of the sensitive data is highlighted. This is the text that will be redacted. A few words of context help the analyst determine if the data is sensitive.
When you select Redact you’ll have the option to select which instances of the data to redact.
Considerations
There are a number of things to consider when deciding if redaction is the right remediation option for your organization. It’s just one of several ways you could choose to handle sensitive data.
Once redacted, the sensitive data cannot be restored. The text highlighted in the alert snippet is the exact text that will be deleted from the Jira work item. It’s not simply masked or sent to the trash.
We can only redact history for the past ten days. If the sensitive data was added more than ten days ago, it will still appear in the history, so you may choose to remove the data manually.
The user who added the sensitive data to the Jira work item will be notified that sensitive data has been redacted. The notification includes the name of the person who performed the redaction.
Permissions required to redact content
In order to redact sensitive data, the Guard Detect admin must have access to the Jira product instance.
Additionally, if project permissions or issue-level security prevents the Guard Detect admin from seeing the Jira work item, they won’t be able to see the sensitive data excerpt or redact the data.
As a workaround, you may want to create an account that can access everything in your Jira products.
Troubleshooting
If the redaction request fails for some reason you can remove the sensitive data manually. Some of the reasons redaction may fail include:
Too many instances of sensitive data in the item.
Inconsistent formatting or the sensitive data is contained in a code block.
The sensitive data was manually removed after the alert was sent.
Remove sensitive data manually
To remove sensitive data manually in Jira:
In Jira, edit the field that contains the data.
Remove the data and save your change.
You won’t be able to manually remove the sensitive data from the history. If that’s necessary, we recommend you clone the work item and then delete the original. This approach means all history of edits to that issue are lost, and the cloned issue will get a new issue key.