I am building an app that deals with personal information of users, their notes, plans, projects. Issue is that I see I, as app owner, don’t have the right to access their personal data through database through admin role. I regard this as a basic common sense right for users
I understand there’s currently no native way to encrypt users data when entering database and decrypt it when users retrieve data later.
May you please advise what options I currently have to block this default admin access to users data (not just sensitive, but in general). Is it through certain plugins, workflows,…?
This can be more realistically accomplished by just having common sense privacy policies in place for your business and following those policies. This is mainly because any way you encrypt those values, you can easily decrypt them as well to still access them, as could pretty much anybody who uses a simply encrypt/decrypt tool.
There are free plugins for encrypt/decrypt…they all take time to encrypt (a few seconds) and decrypt (a few seconds).
Privacy Policies of your company and following them. Privacy rules in the app.
Thanks for quick response. I see the logic behind your point, but, I still see it as an ethical issue here…just have the access to others’ personal data is still inconvenient. What other leading SaaS platforms do in this regards; Salesforce, Tableau?..apps like google, facebook? I think they do something different, no?
No they don’t encrypt all user data for the purposes of not allowing Administrators to see the data…and check out all the issues over how Google and Facebook use user data to power their businesses…if they didn’t have access to our personal data, they wouldn’t have multi-trillion dollar businesses.
Either way, if you want to encrypt and decrypt, go for it, there are plugins as mentioned, but understand it is not essential and will cause for a slower app and poorer UX plus increase in cost of WUs.
