Using a spreadsheet for data is reasonable within an organisation, we do it all the time. However, there are still restrictions on who can access whose data.
Using a spreadsheet for data of users not within an organisation makes me nervous. As a bare minimum, I could nefariously exploit it.
It just doesn’t feel like the most secure data storage. (Which is why one of my feature requests was encryption).
Thoughts and comments?
I agree. Encryption is the answer, or at least, one answer. It would also minimize the fact that for some users, Google and all his stuff are evil / big brother.
Why do you think your Google Sheet is not secure? If you don’t share it with your users, they can’t access it. Glide does not share your sheet with anyone. We take many steps to protect your data, including security audits by a firm we pay to find security holes in Glide—they did not find an issue with our use of Sheets for example.
The weakest point of Google Sheets security is the installed add-ons.
The biggest issue is how easy it is for anyone who has access to the spreadsheet to see everyone’s data and print it out or copy and paste it. That could be a significant privacy issue.
I really like how Glide has used Google sheet’s but would like to see more done to protect data.
Sooner or later you will have a Glide user saying they want to store sensitive corporate data that not even the person who manages the app should be able to see. Get in early. Get encryption working.
Also, with security and privacy you’ve got to always plan with the assumption the data will be breached.
With that it mind, like you can never have too many backups, I’d say you can never have too much security (provided it doesn’t kill performance).
My Google sheet is locked so only people in my Organization can see it. When I tested this with an outside user, they were unable to access the Google sheet from the browser, however, if they had access to the App built from the Google sheet, they were able to see all the data in the app! Strange? Has anyone seen this or figured out a way to prevent outside users to see the data in a Google sheet that was meant only for users within the org?
Never mind - I stumbled upon the Privacy settings and by default it was set to Public. However, I was hoping it would inherit permissions from Google Sheet sharing settings! Looks like it does not. Thanks.
That’s kind of the point of the app…to see data from the sheet it’s linked to. You granted access to allow the Glide app to access the sheet. If you want to restrict access to the app, then I would suggest using the whitelist privacy option, or structure the app in a way that uses per user data filtering to only show data to those who have the privilege to view the data. There’s a lot of that outlined here.
If you were providing an app to 1000 people, I don’t think you would want to manually grant access to each one via google sheets. The app handles that much easier.
For the case of protecting user data from Developers and Builders it is imperative that encryption of input data is enabled right from the screen level tied to row owner and secondary row owners. This will be a great addition to build applications that comply with Privacy Regulations in different countries.