Private Storage Option

This is something I’ve mentioned in private exchanges with some of the Glide team, but just wanted to throw it out there as an “official” feature request.

By definition, I expect this would be an option only available for Private Apps, and possibly only for enterprise customers.

Most of the apps I build are for corporate customers; the company I work for and some of our partners/clients. Often we want to store files and documents and make them available via the app, but some of them can contain quite sensitive or private information. Think employment contracts, sales proposals, NDA’s, etc, etc.

As it is at the moment, when we store files in Glide, the resultant URL is publicly accessible, which poses a security risk. So it would be nice to have a secure storage option, where files can only be accessed by users of an app.

I’m not exactly sure how this might work, but I can envisage two possible scenarios:

  • Scenario 1: Client Hosted
    The client hosts all files and takes responsibility for access control, fire-walling, etc. Glide would need to provide a list of hosts/IP addresses for whitelisting, and also only allow access from specific (client nominated) apps.

  • Scenario 2: Glide Hosted
    Glide hosts all files, and is responsible for access control and ensuring that access to files is only available from nominated apps.

I think this is a feature that would add great value for Corporate/Enterprise clients.

+1 for this

+1

Hi Darren
Thank you for the reply. I do agree that it must be available for Pro and Enterprize. It will be great if a user can save or upload to his own google drive. Since we are using Google Sheets we might as well use that as a storage facility as well. The user can then also set his own security for accessing the folders.
Glide then also does not have to worry about their own storage capacity that they are currently offering to users.

2 Likes

You are just so right. The files also be the images used in the app eg photos of employees

1 Like

Not having a private storage option is a blocker for at least 1 app where I have a client with a need and money. I need to securely handle uploads like driver’s licenses and private contracts. Edit: This use case is for a Public with Email app.

1 Like

+1 billion!
Simple as that: Glide MUST allow paid users to choose their desired data storage solution. Not only that, Glide should openly declare that they DO NOT store uploaded files on their servers on such occasions where the app builder opted for external data storage. Google Drive is the obvious default option, but surely some builders will prefer other data storage providers.
The fact that ALL uploads are publicly accessible is a big no-go. I don’t want to sound pessimistic but I would assume that any reasonable business owner would immediately disqualify Glide as an option for his apps, once he/she hears that there’s no simple way to protect files uploaded via their Glide app.
As we all know, Google Drive has a robust security feature which runs all the way from simple access management to their (close to) bulletproof Vault solution for data retention. This means that in addition to inherently blocking access to files based on the domain’s configuration, it will also allow the business owner to be (as close to) 100% confident that their precious business data (i.e. uploads from Glide) is not going to be deleted, moved, exposed, hacked, etc. In other words, controlling these uploads and their life cycle.
To be honest, this seems to be such a fundamental feature that I’m surprised it’s not available until now. Using these awkward workarounds with 3rd party partners (Zapier, Integromat, etc) is not a true workaround. It’s more of looking the other way on a serious flaw of the Glide system. At the end of the day, the “original” storage option is always based on Glide’s storage which is a potential security breach to begin with. We MUST be allowed to opt-out of Glide’s own storage.
Coming back to @Darren_Murphy original post, it’s also surprising that there’s no paid feature within Glide to solve this. I have to be honest and say that even if such a feature was optional, it would still be a no-go for me, but surprised it’s not something Glide monetizes.

4 Likes

Hi @david,
Are there any plans to introduce external storage anytime soon?
Ideally, there should be an option to store directly at these data warehouses, such as Google Drive, Dropbox, etc. By “directly” I mean that a copy of these documents will NOT be saved on Glide’s infrastructure. Without it, we’re facing no-go from business owners who values their privacy, and of course their client’s privacy.
If there’s no plan to offer external services, are there any plans to allow sharing rights inside the Glide eco-system? As of now, file are accessible via a simple and completely public URL.
Full control of documents is absolutely crucial for many businesses.
Thanks

The URL is public but not simple–you must know the URL, which contains a password.

We will introduce an authenticated storage option, hopefully early next year.

4 Likes

That’s great news, thanks.
An external storage is not on the drawing board?

A significant number of business customers have not asked us for this–practically the only people who ask for this are teachers using GDrive, or people who want to use our Free tier and avoid the 100MB limit, so, at the moment this is not much pressure for us to add Dropbox, for example.

It’s also more-or-less straightforward to copy files into another storage location and delete the Glide link from your sheet, which achieves the same result.

Thanks for this info. Surprising that business owners are fine with this situation.
Deleting the file link is not secure enough. The URL is still active and in anyway some files must NOT pass through any unsecure system anyway. This opens up a ton of liability issues for my clients if their data is somehow exposed. We all know that nothing is bulletproof, but we need to at least wear a vest :slight_smile:
Correct me if I’m wrong, but I think that the only true “direct” way that we have now is via a web-view into a file drop service such as GoFileDrop or others.
Or perhaps I’m mistaken and even with a web-view the files are still captured by the Glide storage system.

Glide does not know what happens in Web Views.