Skip to main content

Im making a airtable system, for a friend of mine.


It deals with quite sensitive data…


Is there a way to make sure an editor can’t just duplicate a whole his base including all records into their own workspace, but still be able to edit records?

Did you ever get a response to this issue? We’re facing the same dilemma


Did you ever get a response to this issue? We’re facing the same dilemma


Unfortunately not.



We’re sofar working under the pretence that no-one would ever think of it being an option… And sofar it haven’t been a problem.


But guess it’s like an insurance; you never need it until it’s too late…


That’s crazy. It’s a huge security issue. That way the sensitive info of clients can be easily duplicated multiple times by multiple (nested) invites. I cannot understand why Airtable does nothing about it. No need to be genius to steal the whole CRM


your question is sub-feature of a major long running feature request Advanced User Permissions


your question is sub-feature of a major long running feature request Advanced User Permissions


thank you Michael. Do you know if it is possible to see whether the base has been copied? Some kind of history


thank you Michael. Do you know if it is possible to see whether the base has been copied? Some kind of history


I’m pretty sure no, but I’d suggest you try to copy a base with multiple users on it and see if anyone gets a notification that they are part of a ‘new base’


It is a big problem for us, I can’t understand why we don’t have a way to block “duplicate base” feature.


It is a big problem for us, I can’t understand why we don’t have a way to block “duplicate base” feature.


Is this still an issues in 2021?



If so, this needs to be addressed. This is kind of a deal breaker.


Is this still an issues in 2021?



If so, this needs to be addressed. This is kind of a deal breaker.


I’m actually not sure, I’ve just continued on the assumption that no-one would do such a thing… 😬


It is a big problem for us, I can’t understand why we don’t have a way to block “duplicate base” feature.


I agree, and in a GDPR context, it’s uncompliant 🙃


Yep, it’s one of the major security holes in Airtable (yes, there are more of them).



You could use a portal tool like MiniExtensions.com to create a more secure user frontend for Airtable, but then you lose all of the interface benefits & most of the features of Airtable.



I would recommend that people keep emailing support@airtable.com about this issue. Although it’s been 6 years and they haven’t cared enough to address this issue, so it’ll likely never happen.


Reply