Which section would you like to be your default page?
Close X
Intuit QuickBase Home Page
Twitter Updates
More »

Security… can you tell us more?

By Peter Fearey | Posted on September 5th, 2006

Wow, first, THANK YOU for all the great feedback on the "annual review" question. It was a nice shot in the arm for the team. I have this theory on the type of folks we hire here… “A students”… always look at what needs to be done and tend to forget about what has been done. I’m really glad that you reminded them of the terrific work they’ve done this year and in the years past! As for your annual review… QuickBase has the best customers!!! You all get A+ for active, thoughtful participation!

Speaking of stuff to be done though… one theme in what you wrote is security. This is also a hot topic in the industry (software-as-a-service and software in general). Baseline magazine recently had a good, brief Q&A with Howard Schmidt (a top security expert from eBay and Microsoft). In this article, I noticed a focus on the enterprise as a large group of individuals, rather than the enterprise as a big box we can fortify and control. For example, he talks about encryption, which is an "edge" strategy, as it happens not only on the corporate systems, but on the laptops of individuals. And, he talks about accidental data leakage by “personal” systems, etc.

Following Schmidt’s lead, QuickBase is a platform, where you have the ability to control access to your data. We both have critical roles in the security of your data, which leads me to the following questions:

1.    Do you use any other hosted applications? If so, who makes you feel the most comfortable about their security and why?

2.    What have you done in your own company that makes you feel secure about your data and why?

3.    What would you like to see as a security statement on QuickBase? How often would you expect this to be “audited”, if at all?

4.    What practices and processes have you put in place for your QuickBase applications to control access to data? Are those different from your internal systems?

5.    What are the additional product features that would make you feel more secure when using QuickBase?

Did I miss any key questions or thoughts?

Because I know security is a sensitive issue. If you want, you can send me your responses directly. Intuit’s email convention is firstname_lastname@intuit.com. For those of you who don’t know me, my first and last name are after the "Posted by" at the end of this post. :-)

Also, for anyone new to QuickBase, QuickBase has many capabilities to allow you to control access to your data. If you have questions, please submit a Support request if you are a current customer or ask your Application Specialist about it if you are in a trial. Also, you can check out our Security Statement for the basics on what we do on our side.

About Peter Fearey

  • Ivan Uhrin

    Hi Jane,

    I am using this way for request of help therefore option Support under Help option is not working. Problem described below has connection with security inside company.

    Description of stage:
    We have in QuickBase one role, for group of persons which have special rules. For each person of this role exist own view where is allowed to view complete records (all fields)if this record meets condition with name of person in this view is allowed to edit some special field. For all person of this role exist common view where is allowed to view all records of database but not complete (only some not sensitive fields).

    Description of problem we have and we need to solve it:
    If person of above mentioned role are using option “FIND” then they are able to see any complete records, the conditions for views are not valid. I don know how to restrict ability for this option “FIND”. Found record is possible see completely after pushing button “DISP” or “EDIT”. Could you give me some advice how to solve this problem?

    Ivan Uhrin

    [Reply]

  • Ivan Uhrin

    Hi Jane,

    I am using this way for request of help therefore option Support under Help option is not working. Problem described below has connection with security inside company.

    Description of stage:
    We have in QuickBase one role, for group of persons which have special rules. For each person of this role exist own view where is allowed to view complete records (all fields)if this record meets condition with name of person in this view is allowed to edit some special field. For all person of this role exist common view where is allowed to view all records of database but not complete (only some not sensitive fields).

    Description of problem we have and we need to solve it:
    If person of above mentioned role are using option “FIND” then they are able to see any complete records, the conditions for views are not valid. I don know how to restrict ability for this option “FIND”. Found record is possible see completely after pushing button “DISP” or “EDIT”. Could you give me some advice how to solve this problem?

    Ivan Uhrin

    [Reply]

  • http://www.quickbase.com/ Jana Eggers

    Hi, Ivan,

    I’ve asked the Support team to get in touch with you to understand why Support isn’t working for you.

    Regarding your comment on security, what you are describing (and our Support team will follow up with you on this as well) sounds like you need to work on field (and possibly record) permissions in your QuickBase application. Restricting Views to a role is not a form of data security. Restricting Views for a role is about focusing the end users on the Views they need for their job… to make their job more efficient. These help topics should get you started:

    Field restrictions: https://www.quickbase.com/help/about_restricted_fields.html
    Record restrictions: https://www.quickbase.com/help/creating_a_custom_rule.html
    Group record permissions: https://www.quickbase.com/help/assigning_group_records_access.html
    Associating views with roles: https://www.quickbase.com/help/specifying_views.html (Note this one isn’t about data protection, but describes why you limit views, i.e., for workflow.)

    I’m also going to talk to our help guru about how to make this more clear to folks, because with this great example, I see what you were expecting. THANKS! With all this functionality, it is hard to sort through what is exactly right for your situation.

    Hope that helps!
    Jana

    [Reply]

  • http://www.quickbase.com Jana Eggers

    Hi, Ivan,

    I’ve asked the Support team to get in touch with you to understand why Support isn’t working for you.

    Regarding your comment on security, what you are describing (and our Support team will follow up with you on this as well) sounds like you need to work on field (and possibly record) permissions in your QuickBase application. Restricting Views to a role is not a form of data security. Restricting Views for a role is about focusing the end users on the Views they need for their job… to make their job more efficient. These help topics should get you started:

    Field restrictions: https://www.quickbase.com/help/about_restricted_fields.html
    Record restrictions: https://www.quickbase.com/help/creating_a_custom_rule.html
    Group record permissions: https://www.quickbase.com/help/assigning_group_records_access.html
    Associating views with roles: https://www.quickbase.com/help/specifying_views.html (Note this one isn’t about data protection, but describes why you limit views, i.e., for workflow.)

    I’m also going to talk to our help guru about how to make this more clear to folks, because with this great example, I see what you were expecting. THANKS! With all this functionality, it is hard to sort through what is exactly right for your situation.

    Hope that helps!
    Jana

    [Reply]

blog comments powered by Disqus
QuickBase Online Database
Featured in Alltop
Meet Our Writers

Alexandra Levit

Alexandra Levit’s goal is to help people find meaningful jobs - quickly and simply - and to succeed beyond measure once they get there. Follow her @alevit.

 

Alison Green

Alison Green writes the popular Ask a Manager blog where she dispenses advice on career, job search, and management issues. She's also the co-author of Managing to Change the World: The Nonprofit Leader's Guide to Getting Results and former chief of staff of a successful nonprofit organization, where she oversaw day-to-day staff management, hiring, firing, and employee development.

 

Eva Rykr

Eva Rykr is an organizational psychology practitioner. Her passion lies in bringing a psychology perspective to the business world, with the mission of creating a high-performance environment. Follow her @EvaRykr.

 

Anita Bruzzese

Anita Bruzzese is a syndicated columnist for Gannett/USA Today on workplace issues and the author of “45 Things You Do That Drive Your Boss Crazy.” She has been on the Today show, and quoted in publications such as O, The Oprah Magazine, Glamour, Self.com and BusinessWeek.com. Her website, 45things.com, is listed on the Forbes top 100 websites for women.

 
Recent Comments
  • Alison Green - Ask a Manager:
    Ugh, yes, nail clipping!  And calling unnecessary meetings!

  • CPAlady:
    Also nail clipping :)

  • Sbelcourt:
    Is there a way you can set your ipad app for Quickbase to open in Full Site screen versus the mobile...

  • Anonymous:
    @Chase:  I don’t know what’s worse – a ridiculous comment like that or the standard...

  • Anonymous:
    @Tom S, is that you?  I actually quote you in my chapter on passion in my book, New Job, New You.  Thank...

QuickBase Online Database
Online Database Software:
Company Information:
Site Links:
From the Makers of:

© 1997-2010 Intuit Inc. All Rights Reserved.

Online Database VeriSign Secured Web Based Software TRUSTe Certification Online Database SAS 70 Certification

Like what you see? Get our articles on your platforms of choice:

Follow us on Twitter to get daily tweets.

Like us on Facebook to get updates in your News Feed.

Subscribe via email to get our blog posts in your inbox.