Hi,
the Activity Stream respects the permissions. That means, if you have project, where Finance and IT will discuss the sensitive informationen, only the users that are allowed to view this issues/comment/... (have the Browse Project permission/are in the right security level/...) will see this in their Activity Streams, all other users won't (this is somehow consistent, because if the user can see the issue/comment, he can get this information anyway by checking the issues manually).
So, if the project permissions can be set, so that only Finance and IT are allowed, there is no problem with the activity stream. If you need to have, for example, Software Engineers to be allowed for this project, you need to get some restrictions, as there is issue security or making comments restricted to some roles/groups .
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.