Administrative policies

Authentication controls

Account administrators can set additional sign-in restrictions for their Quickbase account:

  • Two-step authentication:This requires users to enter a one-time code (sent via email) in addition to their username and password when logging in.
  • Login attempt and session limits: This locks a user out from logging in after a set number of attempts. You can also limit the number of concurrent sessions each user can have.
  • Inactivity timeout:This sets an inactivity timeout for user sessions for even more security and control. You can also log out users automatically if they have been inactive for a set period.

Password controls

Carry over your organization’s unique requirements for password strength to Quickbase accounts. This ensures that passwords comply with the same rigorous standards as other software in your ecosystem. If you've enabled SSO, users will sign in to Quickbase using your organization’s network login.

Network access control

Limit access to your Quickbase account within specific IP ranges. This requires users to either:

  • Access from specific locations within the IP range; or
  • Proxy their traffic through a corporate VPN to access Quickbase

You can also gain better visibility of integration traffic coming from Quickbase to one of your internal systems. By enabling static IPs for Pipelines, your integrations will always come from an IP address on our static list. Then you can configure your internal systems, like firewalls, to expect incoming requests from those IPs.

Security policies

Account administrators have a range of security policies available to meet your organization’s governance and risk management needs. Some examples are:

  • Hash user tokens, often thought of as API access tokens, and hide them in the UI after creation
  • Limit application admins to only add users who already have access to your account
  • Block cross-realm and external links

Data management

Data classification

A key part of data governance is understanding what type of data each application or data source is storing. Quickbase allows account administrators to create data labels to categorize their applications based on the type of data they contain. This makes it easy to label applications containing sensitive information.

Admins can also align with larger data classification strategies at their organization. This provides end users more visibility into the data stored on the Quickbase platform. Additionally, data labels come with descriptions to inform end users how the data should, or should not be, handled.

Data scanning

To help you determine which classification label to use for a given app, you can leverage our machine learning-powered data scanner. It has built-in options for detecting many types of PII, or you can use regex to identify any type of data your organization needs to keep tight control of.

You can also use data loss prevention tools to monitor user activity on your Quickbase account. You can get API access to your Quickbase audit logs and establish a DLP integration.

Artificial intelligence

Quickbase offers a range of features powered by generative AI. If your organization’s policies forbid the use of generative AI, you can disable them at the account level.