Help

This Product Ideas board is currently undergoing updates, but please continue to submit your ideas.

MAJOR SECURITY HOLE IN AIRTABLE: Any collaborator (even read-only collaborators) can steal 100% of your data with one click

cancel
Showing results forย 
Search instead forย 
Did you mean:ย 
ScottWorld
18 - Pluto
18 - Pluto

This thread made me realize that we should probably have an option to PREVENT collaborators (particularly read-only collaborators) from being able to easily duplicate an entire base.

When we share read-only links to bases or views, we have that option that we can uncheck that says: โ€œAllow viewers to copy the data in this baseโ€ or โ€œAllow viewers to copy data out of this viewโ€.

But it would be nice if we had that same feature for collaborators.

48 Comments
George_Copelan1
6 - Interface Innovator
6 - Interface Innovator

Yes, 110%. It doesnโ€™t make sense to me why Airtable wouldnโ€™t include this simple feature when itโ€™s clearly already available with link sharing. All they need to do is add the same checkmark functionality either per-user or make it default that only the โ€˜creatorโ€™ role has permission to CREATE a copy :winking_face:

I feel like this would be a big :triangular_flag_on_post: for any organization that has any form of sensitive information or proprietary nature to how they do business. Their current solution is โ€œcopy and pasteโ€ any data you want someone to have access too but not have access to copying all your dataโ€ฆ yikes.

I suppose an alternative solution could beโ€ฆ If they had a way to โ€˜mirror data from a view or table to a separate special-use baseโ€™ that kept up with all the updates and didnโ€™t require constant upkeep, I suppose that would work tooโ€ฆ but at that point, why not just link bases :winking_face: to me, there is no simpler (obvious) solution then just to implement the feature above. Creators should be able to create, period.

Hopefully, they get this implemented sooner than later because as a marketing agency we canโ€™t afford for someone to just walk away with our โ€˜agency in a boxโ€™ weโ€™re trying to build. So it makes our lives very clunky currently having to avoid that and Iโ€™m even considering moving away from air table to a custom solution if the pain continues to increase as we grow, because itโ€™s lacking this one simple feature!! So hopefully they fix it sometime soon, so we can continue to remain a loving user :slightly_smiling_face:

ScottWorld
18 - Pluto
18 - Pluto

Totally agree with you. This is actually a really big security hole in Airtable, and in my personal opinion, it should be addressed ASAP.

The proprietary data of a business is often its most important core asset. The fact that Airtable makes 100% of this data instantly 100% copyable in its full 100% entirety to even the lowest level of employees (read-only employees) is one of the biggest security risks, security holes, and :triangular_flag_on_post: :triangular_flag_on_post: :triangular_flag_on_post: of the Airtable platform.

But the fact that Airtable allows any level of collaborator to instantly duplicate THE ENTIRE COMPANYโ€™S DATA IN ONE CLICK is just as misguided as letting the lowest level employee be able to do it.

As a business owner, none of my employees should be able to run off with all of my companyโ€™s data with one click of one button.

This security hole could potentially make Airtable a non-starter in organizations that are more than a solopreneur โ€” or more than a mom & pop organization run by LITERALLY a husband & wife who implicitly trust each other (and who do not foresee divorce in their future).

Another example to build upon your marketing example above: could you imagine a gym where one of the personal trainers could grab all of the gymโ€™s customers with one click?

There is no other database platform that makes it possible or this easy for ANY USER OF THE SYSTEM (including read-only users) to copy the ENTIRE SYSTEM with one click of a button.

And, of course, giving users the ability to select all the records in an entire table with one click, and then being able to press command-c to copy all of those records (immediately prior to pasting those records into an external text editor) is also a deal-breaker. Itโ€™s actually the exact same problem as duplicating an entire base. Copying entire records โ€” particularly copying all the records in an entire base โ€” is never allowed (by default) in other database systems.

So this security hole applies to 3 areas of the product, in order of importance:

  1. Duplicating an entire base.
  2. Exporting a CSV file of an entire table.
  3. Selecting an entire record โ€” or all of the records โ€” in an entire table and being able to press command-C to copy all of the tableโ€™s data with one click. (And then, instantly being able to paste all of that data into an external text editor.)

All 3 of these options are available to all collaborators, including read-only collaborators.

I already predict that somebody might try to make this point:

โ€œWell, if someone can SEE all of your data, then they already have access to all of your data anyways!โ€

Well, yes, thatโ€™s โ€œtechnicallyโ€œ trueโ€ฆ and it would be amazing someday to have record-level permissions built into Airtable.

But there is a night-and-day difference between one-click duplication of an entire companyโ€™s data vs. forcing someone to scroll through 5,000 records and individually taking screenshots of each recordโ€ฆ or forcing someone to manually scroll through 5,000 records to manually copy data out of each field one field at a time โ€” and then having them manually repeat that process for every record in every table.

The task of stealing all of your companyโ€™s data should be as difficult & unwieldy as possible, which acts as a deterrent.

The โ€œpartialโ€ good news here is that this security hole can be solved by having your users interact with Airtable entirely through Stackerโ€ฆ but thatโ€™s a pricey solution and your users will end up losing the overwhelming majority of the features of Airtable (blocks, interacting with Airtableโ€™s user interface, all the different types of views, instantly updating data in real time, etc.). Stacker is really best-suited as a customer portal for customers to see their own customer data, not for internal employees to interact with an entire database.

@Jason @Kasra @Aron @Adam_Minich @Katherine_Duh @VictoriaPlummer How can I best escalate this security issue to the internal engineering team at Airtable?

Again, this security hole applies to 3 different areas of the product:

  1. Duplicating an entire base.
  2. Exporting a CSV file of an entire table.
  3. Selecting an entire record โ€” or all of the records โ€” in an entire table and being able to press command-C to copy all of the tableโ€™s data with one click.

All 3 of these options are available to all collaborators at all times, including read-only collaborators.

Thanks! :slightly_smiling_face:
Scott

ScottWorld
18 - Pluto
18 - Pluto

p.s. This large security risk also sort of ties into the much smaller security risk here, which is that collaborators can share the base with anyone, without the other collaborators being alerted to it.

George_Copelan1
6 - Interface Innovator
6 - Interface Innovator

I love and support your response! Thank you for helping voice this concern. Hopefully that solve the security risk sooner than later :slightly_smiling_face:

ScottWorld
18 - Pluto
18 - Pluto

Disappointingly, I just had an email conversation with Airtable Support (whom I do not believe is very good, because they seem to have less of an understanding of the product than most of the people in this community), and they couldnโ€™t even understand the problem that I was describing to them. I even linked them to this thread.

They were like, โ€œJust make your collaborators read-onlyโ€, and I was like โ€œNo, youโ€™re not understanding the problem โ€” the problem still crops up with read-only collaborators. ANY collaborator can steal all of the data from a system by just duplicating the base, exporting the base, or copying/pasting all the records. One-click theft of an entire system."

And they were like, โ€œWell, we offer the ability to turn off creation of new records for users." And I was like, โ€œNo, youโ€™re not understanding.โ€

:man_facepalming:t2: :man_shrugging:t2: :man_facepalming:t2: :man_shrugging:t2:

Iโ€™m not sure if my frustration could get much higher, but Iโ€™m sure it probably could. Lol! :joy:

Bill_French
17 - Neptune
17 - Neptune

Iโ€™m typically blocked by the community for using metaphors and I can think of three Dennis-Miller-isms that would be ideal right about now.

In any caseโ€ฆ who thinks this is a good idea?

image

I believe the creator of a base copied by a read-only user has no idea that a 3rd party has full access to the content. I think this is possible today despite the recent security updates, and I think itโ€™s really problematic.

ScottWorld
18 - Pluto
18 - Pluto

Thatโ€™s a fantastic illustration!! :slightly_smiling_face:

It will be completely 100% lost on Airtable Support. :cry:

Bill_French
17 - Neptune
17 - Neptune

Perhaps. But management? Thatโ€™s a different story. Letโ€™s hope they boost this up to clear and present danger.

The argument that many will make is that in any trusted network of people, content can be copied and shared without authority and without notification. Thatโ€™s a fine argument for a chart image you just shared with another person in your company in confidence. It was shared with a read-only intent and that trusted person decided to make it known to another person whom the creator had no intention of ever sharing.

Itโ€™s a violation of trust concerning a digital artefact; happens all the time and no one โ€“ not even with the vast resources of Microsoft โ€“ can prevent this from happening.

image
This is an entire database shared without authorization in a few clicks. It ostensibly provides the thief with a fully gassed truck, the keys, a lift-gate, and a prepaid FastPass for the HOV lane.

Airtable โ€ฆ this is not your best work. You have a duty to make this as hard as possible. And even when it approaches the difficulty of a daylight break-in at Fort Knox, you have to notify base creators of the breach in real-time.

Michael_Andrew
7 - App Architect
7 - App Architect

Upvote. Huge security hole.

ScottWorld
18 - Pluto
18 - Pluto

Right, Iโ€™ve already addressed this argument above:

Again, this security hole applies to 3 different areas of the product:

  1. Duplicating an entire base.
  2. Exporting a CSV file of an entire table.
  3. Selecting an entire record โ€” or all of the records โ€” in an entire table and being able to press command-C to copy all of the tableโ€™s data with one click.

All 3 of these things can be done instantly, with one click of the mouse button, and can be done by read-only collaborators.

This makes Airtable a complete non-starter for most businesses. Airtable might not take security seriously, but security risks are a huge concern to most of the businesses that I work for.