This post was originally published on April 11, 2019, and updated on May 13, 2021.
We’re very excited to announce that Quickbase achieved an A rating from SecurityScorecard, an independent security ratings service that rates cybersecurity postures of companies based on their cloud computing services. This rating reflects the dedication our team has around establishing and maintaining the trust our customers put in our ability to keep their data secure throughout their digital tools.
SecurityScoreCard collects publicly available internet data and analyzes it across 10 key risk indicator categories and assigns an overall rating, resulting in a grade on a scale of A through F. Our rating of 98 means that Quickbase is 5.4 times less likely to suffer a consequential breach than a company rated B, C, D, or F.
“At Quickbase, we work hard to provide a highly available and secure platform which enables our customers and partners to quickly build and deploy secure applications to their users,” says Mike Lemire, Chief Security & Compliance Officer at Quickbase. “Security rating platforms like SecurityScoreCard are one part of our security toolkit, providing a holistic view of not just the Quickbase platform, but all of the systems and services that support our platform. We are very proud of the A rating we have achieved, and it does not stop there – every security practitioner knows security is all about continuous improvement.”
Security ratings services like SecurityScorecard take a deep dive on all services that a company presents on the internet – categorized into areas such as DNS, e-mail, web site security headers – and rates them in relation to security factors. Negative factors such as lack of email spam filtering protection or a missing security patch will negatively impact a company’s score.
It’s important to note the ratings are generally based on companies rather than a specific product. This means that any reduced security on non-critical services such as non-production marketing, development, or parked domain will negatively impact a company’s score.
At Quickbase, we take security and compliance very seriously and aspire to be market leaders in this area. In addition to platform features, security and compliance permeates every aspect of our platform and infrastructure, including processes, and tools used to manage, monitor, and stress test that infrastructure.
Our data centers are geographically diverse and architected for high availability, our COLO data centers have high military-grade physical security, and all data, whether in motion or at rest, is encrypted with strong encryption keys. In fact, by default, Quickbase encrypts data at rest with a stronger encryption key than many of our competitors.
From a process perspective, we’ve achieved important compliance attestations like SOC 1, SOC 2, and HIPAA. And, in terms of our day–to–day operations, we’re working with best of breed security vendors to protect, monitor and stress test against both internal and external threats and vulnerabilities.
We’re very proud to have achieved this high rating from Security Scorecard. This focus on security, compliance, and enterprise capabilities, coupled with collaborative governance models, continues to give our customers greater confidence in building their business-critical applications in Quickbase and fully realize the benefits of digital transformation.