Data Storage and Transmission
This article covers one of the major concerns with any migration tool: handling of data.
WikiTraccs handles data securely.
Big Picture
WikiTraccs is a console application that connects to both Confluence and SharePoint Online during the Confluence to SharePoint migration.
It downloads content like pages and attachments from Confluence to a local directory. It processes this locally stored data and uploads it to SharePoint Online.
Where does WikiTracc run? Is it a cloud service?
WikiTraccs is not a cloud service. WikiTraccs is a .NET-based console application that runs on a Windows workstation of your choosing.
The workstation WikiTraccs runs on can be any machine: your VPN-connected laptop at home, an on-premises server, a cloud VM - as long as it can connect to and authenticate with both Confluence and SharePoint Online it will work.
And because this question sometimes comes up: No, WikiTraccs does not need to run on the Confluence server.
Where does WikiTraccs store data? Is data being sent somewhere?
WikiTraccs stores data locally on the workstation it is running on.
This locally stored data includes:
- page contents
- attachments
- log files
- cached data and temporary files
There is no cloud storage involved, apart from SharePoint Online as migration target. Other migration tools use Azure or third-party storage solutions as temporary storage location before data is being moved to SharePoint Online. WikiTraccs does not do that. It directly uploads to SharePoint.
The data never leaves the workstation, except for SharePoint Online, which is the target of the migration.
What level of encryption is used for data at rest?
Data at rest in the context of WikiTraccs is content stored on the workstation that is used to perform the migration and to run WikiTraccs. This data is not encrypted and can potentially be accessed by users of this workstation, depending on file system access permissions.
How is data transmission secured?
Connections use TLS version 1.2. For Confluence, some clients run their instance disconnected from the internet and connect via HTTP from their internal network, which WikiTraccs allows.
WikiTraccs uses the Confluence REST API as well as the SharePoint Online API and Microsoft Graph, when it comes to transmitting migrated content.
A complete list of endpoints used by WikiTraccs is shown in the Endpoint Reference.
Can WikiTraccs access all my data?
No, WikiTraccs can only access data you choose to let it have access to.
The access level of WikiTraccs depends on the migration accounts you choose for Confluence and SharePoint.
When starting a migration, you will authenticate with one user account in Confluence, with another user account in SharePoint. Since WikiTraccs accesses data in the context of those user sessions, it can only see what those accounts can see.
Example for Confluence: when starting the migration, you log in with an account that can only see pages from one space. WikiTraccs will only be able to migrate this one space since it cannot access other spaces.
Example for SharePoint: when starting the migration, you log in with an account that is site admin for all migration target sites, but doesn’t have access to other sites in the SharePoint tenant. WikiTraccs now also will only be able to access the migration target sites. Nothing else.
Can Wiki Transformation Project or Heinrich access my data?
No, unless you actively send it to me.
Where can I get an architectural overview, like, a diagram?
Please have a look at the Security article, which dives deeper.