Sensitive Data - feels like a pretty big issue in Airtable

Hi, it feels really strange that when a user uploads data to my platform, anything from passwords/bank details/insurance policies, I (and my team) can just view their data without any blockers.

Am I missing something?

Surely no client is going to want to input sensitive data if the people who run the platform can view it with ease?!

Any help would be appreciated

Thanks

Welcome to the Airtable community!

Nope. Airtable was designed to allow for easy collaboration and is based on the idea that all collaborators can be trusted to view all data in the base. This is slowly evolving, but Airtable still should not be used to store private or sensitive information that some collaborators should not have access to.


Hi @Jack_Sitwell,
You bring up some great points. If you grant access to your base, that user has access to the base data. Even with permissions, they can still download the data. That said, you have to be careful about how you store sensitive data.

There are workarounds, like creating a sensitive base that only you can access, and syncing only pertinent records from that base.

Thanks, is there a solution to this? A way to encrypt the data?

I’m looking to build a platform for users to upload specific sensitive data (like a niche password vault), I just don’t think anyone would trust a platform if the owner can view their data.

Along the same channel of @kuovonne’s response, the weakest part of your data security procedures is you, your team, and your users.

You have to remember that Airtable is first a collaboration platform that happens to be built on the structure of a database.

We all had a slightly similar conversation in this thread, where the sentiment is primarily the same.


I’m going to go on a bit of a brain dump since this has been on my mind lately, but I think it’s contextually applicable to the conversation of data security, and I think that there’s a good chance that people in the future will find these threads with similar concerns.

Thus I think they’re important for thinking about how we as users, consultants/freelancers, admins, and developers can ensure security and how Airtable as a platform and company handles our data.
More importantly, these conversations set a precedent in continuing to push for more powerful tools for managing user permissions and data security.

As I’ve spent more time working with data and building solutions for a vast array of teams in unique industries, I’ve spent more and more time thinking about data security.

When working with larger teams and organizations, I now keep a list of things down when I “score” infosec.

  • Does this workspace/base store PII?

    • What’s the confidentiality impact level?
    • Do my users know that the data is PII?
    • Does this industry operate under regulatory compliance standards? A few companies/teams I’ve worked with are subject to:
      • HIPAA
      • CCPA
      • SOX
      • FISMA
      • ISO 27000
  • Does someone have an invite into or access to this base or workspace?

    • Who is responsible for inviting new users?
    • Who is responsible for off-boarding users?
    • Are we auditing user access?
  • Are there any viewing links? Where are they? What are they for?

    • Are those viewing links domain or password restricted?
    • Do they allow for base syncs?
  • Who has developer & scripting permissions? Why?

    • Are they getting PRs or code reviews?
    • What do their scripts or applications do?
  • What integrations are active? Who owns the API keys?

    • What data are we syncing out of Airtable into other possibly unsecured systems?

Many of these things aren’t available outside of enterprise accounts, which I view to be a huge failure in supporting small businesses or teams that cannot afford the $36,000 enterprise startup fee but still need to confidently manage access to sensitive data, not just defined as PII.

That being said, asking these questions keeps me (and, by extension, those I work with) aware of the potential risks of sending someone what seems like a harmless shared view.

We can often get so caught up in building and pushing the boundaries of what’s possible with platforms like Airtable that we can easily forget how to retain boundaries that keep us, our clients, and our teams safe.


There’s this idea - Field-level Encryption: Does Anyone Care?
