New Security Features
As Quickbase customers continue to build more applications to store their confidential data, they are looking to get additional security controls. To meet those needs, we are announcing the following two features.
1. Advanced Data Encryption
Quickbase currently encrypts all customer data in transit (data moving from one location to another across the internet) and at rest (data stored on servers). Quickbase encrypts data in transit using TLS certificate and is one of the market-leading vendors that encrypt app data and file attachments at rest using best-in-class AES 256-bit encryption key hosted by Quickbase.
And, while we do provide best-in-class data encryption, customers want more control over how their data is encrypted at rest in Quickbase. This need for security control is either driven by external regulations (e.g. HIPAA, GLBA, SOX, etc.) or customer’s internal security standards. To meet those needs, we’re announcing an Advanced Data Encryption feature that enables customers to encrypt their data at rest using a customer-specific encryption key that they can change on their schedule.
This feature comes with two configurations: (1) Customer-specific unique encryption key provided and hosted by Quickbase and the key can be changed by customers on their schedule. This configuration is available for our customers today. (2) Customer-specific unique encryption key provided and hosted by customers in their own Key Management System (KMS) or Hardware Security Module (HSM). This configuration will be available later this winter.
While this feature does not change the strength of the encryption key used to encrypt data at rest (i.e., AES 256-bit key), it does give our security-minded customers more control over encryption of their data in Quickbase. Even though other low-code app development platforms provide this advanced encryption feature, their default encryption key is usually of lower strength (i.e., AES 128-bit key) and their higher strength encryption key often compromises certain out of the box functionality.