Help

Anyone who can edit can share your data? Is this accurate?

944 2
cancel
Showing results for 
Search instead for 
Did you mean: 
testtest49
5 - Automation Enthusiast
5 - Automation Enthusiast

Hello,

I have been building a database for my small newspaper/publishing company. We want to track accounts information, ad orders and runs. It's important information.

It seems to me on the pro plan that anyone can share any table by default is they're able to add data?? How can this be? Is there a workaround?

 

If I hire someone, they could theoretically share the data with someone else or clone the entire database without my knowledge? I've read the other posts and documentation and this seems to be the case...

Can anyone enlighten me on this? It's such a glaring issue that it is making me stop the Airtable process. Is this better controlled in Enterprise?

2 Replies 2

Whenever you grant people access to information, they can share that information with other people without your consent. That’s not something that is new or unique to Airtable. Just like any other platform, you need to be intentional about who is allowed to access what parts of your data. Airtable, like most software in 2023, is reasonably secure and also provides very little protection against an employee who is willing to risk the consequences of violating the terms of his/her employment (which presumably would include things like sharing sensitive company data). Unfortunately, that too is neither new nor unique to Airtable.

You can use interfaces to allow people to access and update the data they need to do their jobs without allowing them to access the underlying base. That, coupled with the judicious use of forms, can take you a very long way and might even save you money because you may not need as many Creator/Editor/Commenter roles as you have now. You might also benefit from building a portal using MiniExtensions/Softr/Bubble/Pory/Stacker/Webflow/etc.

If you're looking for someone to help you visualize what solutions might work for your individual use case, I would suggest posting something on the Job Board for that.

Yes, if you add someone as an editor to your base, that person can duplicate your base without your knowledge, gaining all of your data and schema in a matter of seconds with a few clicks. In fact, the same is true even if you add the person as a read-only user.

An existing editor can also add another editor to you base and you will be charged for that additional user with no warning. 

If you have an enterprise plan, you can prevent both situations with two simple toggles per this support article. If you do not have enterprise, I described some ways of keeping data private here