šŸ•µļø Storing sensitive data: how safe is it?

Hello fellow Bubblers :wave:

A friend and I are working on a project where we will be storing a bunch of personal data from our users.
That could include birth date, ID card, social security number, administrative documents, logins to other web services and more.
We are based in Europe.

We love :sparkling_heart: Bubble but are wondering if it is a good fit from a security standpoint.
And if so, what measures we should take to protect this info.

So, is Bubble okay for storing sensitive info? :thinking:

I’m also using this post to sum up what I’ve read here and there on the forum, for other Bubblers to use.

We know that:

  • HTTPS / SSL encryption is available on paid plans, to secure the info between the user’s browser and the database
  • The database is encrypted at rest, on AWS RDS, which has “state-of-the-art security”. In addition, users’ passwords for our Bubble apps are stored separately, salted and encrypted, by Bubble (this is why you don’t see them in your database, only the user’s email)
  • Privacy roles is the layer to take care of to secure the data
  • Bubble is not yet PCI Compliant. (But we’re not storing credit card information. We’ll probably use Stripe)
  • Bubble is not yet HIPAA Compliant. (But we’re not storing medical information)
  • Bubble is on its way to become GDPR compliant, which also impacts their relation to their sub-processors. Also see Data Processing Agreement

Interesting threads on the subject:
Thanks to them! :raised_hands:

Specific questions:

  • I read and agree that “storing passwords in plain text is bad practice” and that we could use some “salting and hashing”. How do we achieve that? And why not apply that to all the data?
  • If storing personal data in Bubble is an overall bad idea, how should we proceed? Using a third party (which? how?)? Using another platform than Bubble? Eating a taco :taco: and relaxing?
  • Could one build a password manager (such as KeePass, LastPass and co) on Bubble? If not, why not?
  • Is there a way for us not to see the data stored in our database (meaning only the user can access it and if they lose their ‘key’, then it’s lost)? I’m thinking something like this. But since Bubble employees can see the data, I guess not.

Other security thoughts for Bubblers:

  • Have workflows to re-direct unauthenticated users
  • Use a strong admin password and encourage your users to use strong passwords and store them properly
  • Have the data backed up
  • Keep your bubble app up-to-date (updates)
  • Every action is logged (see your Logs) which enables audit if needed
  • Look into Bubble’s uptime guarantee (in case that’s a concern)
  • Have a contingency plan in case your team dies during your basejump team-building week-end. Just as Bubble do

:bulb: Idea:
I would suggest Bubble to provide us with a page with a list of these security features and a text we could use in our apps to provide security info to our users.
Heads up to @emmanuel & @josh :star_struck:

Thanks if you read it to here! Any comments and thoughts more than welcome!

14 Likes

Hi Luc,

I’m also interested in learning more about adding additional security around sensitive data. Your points made in “What we Know” mirror what I’ve also read and heard. However, I would still like to harden my security around certain sensitive fields such as Names, SIN, as an example. Three tools that I’ve seen that may be able to help are:

1) Encoder / Decoder Plugin by Zeroqode - This plugin provides various encoding types such as AES, H5265 JWT, HMAC-SHA256, to name the most secure. I’ve had this plugin installed for half a year, but just started using it to encrypt my sensitive data with the plugin’s AES algorithm. However, I don’t think the plugin actually works. I’m not able to see any ciphertext output to save to my database. There isn’t a demo with the plugin nor any documentation. I’ve also reached out to @levon’s team for assistance, just waiting to hear back.

2) Hash & HMAC Encryptor Plugin for Bubble - another plugin recently created by Zeroqode. Seems to be similar to the aforementioned plug, but a larger list of SHA-1 hash algorithms. I tried the demo, can’t get it to work as it’s in read-only mode and won’t allow me to enter inputs and run one of the algorithms on it.

3) Built in Bubble :formatted as HMAC SHA256 algorithm. Please see the screen shot below. Bubble limits you to HMAC SHA256 and HMAC SHA1 as algorithms. They also note that it’s safer to API your text input that you want ciphered vs keeping it in a regular workflow, as a regular workflow can be compromised by an attacker, thus your secret key exposed.

  1. Having Bubble create a “secured text” field type, which will provide strong crypto on a string of text (i.e. AES) with a shared key. I’ve requested this with the Dev team.

What are other bubblers doing? Is there a way to add that one additional level of security to your strings just in case our database gets compromised? What’s the best solution / best practices? We don’t want to end up like Equifax where everything is in the clear.

Thank you -
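
Editor's added example, not part of any post in this thread and not Bubble's or any plugin's code: a Node.js sketch of the two field-level options mentioned above, an HMAC-SHA256 digest (one-way, usable only for lookup or comparison) beside AES-256-GCM encryption (reversible, for fields that must be read back). It assumes the code runs server-side with keys from a secret store; the key names, the `context` string format and the sample value are hypothetical.

```javascript
// Added example. Keys are generated per run for the demo; in a real app they
// would come from a server-side secret store, never from page/client code.
const crypto = require('crypto');

const ENC_KEY = crypto.randomBytes(32);   // AES-256-GCM key (hypothetical name)
const INDEX_KEY = crypto.randomBytes(32); // separate HMAC-SHA256 key (hypothetical name)

// One-way keyed digest: lets you look up or compare a value, never recover it.
function blindIndex(value) {
  return crypto.createHmac('sha256', INDEX_KEY).update(value, 'utf8').digest('hex');
}

// Reversible, authenticated encryption for fields that must be read back.
// `context` (e.g. "user:42:sin") is bound as AAD, so a ciphertext copied to
// another record or field fails to decrypt.
function encryptField(plaintext, context) {
  const iv = crypto.randomBytes(12); // fresh nonce for every encryption
  const cipher = crypto.createCipheriv('aes-256-gcm', ENC_KEY, iv);
  cipher.setAAD(Buffer.from(context, 'utf8'));
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  const tag = cipher.getAuthTag();
  return [iv, tag, ct].map((b) => b.toString('base64')).join('.');
}

function decryptField(stored, context) {
  const [iv, tag, ct] = stored.split('.').map((s) => Buffer.from(s, 'base64'));
  const decipher = crypto.createDecipheriv('aes-256-gcm', ENC_KEY, iv);
  decipher.setAAD(Buffer.from(context, 'utf8'));
  decipher.setAuthTag(tag);
  // final() throws if the key, context, tag or ciphertext do not match.
  return Buffer.concat([decipher.update(ct), decipher.final()]).toString('utf8');
}

// True only when decryption is rejected (wrong context or tampered data).
function rejects(stored, context) {
  try { decryptField(stored, context); return false; } catch (e) { return true; }
}

// Constructed sample value, not a real identifier.
const sample = '000-000-000';
const row = { sin_enc: encryptField(sample, 'user:42:sin'), sin_idx: blindIndex(sample) };
```

Only `sin_enc` and `sin_idx` would be stored in the database; a database dump without the two keys yields neither the value nor a usable lookup.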

Hi Gilles,

Thanks for joining the conversation and mentioning these interesting options :slightly_smiling_face:

I have encountered some of them but haven’t tested yet since I’m not sure if it’s necessary / what’s the use case, and how to use it.

To my understanding, the question comes down to:

1. What kind of data can we store in Bubble as is and where should we draw the line?
2. If one wants to add an extra layer of security (in which cases?), what’s the best procedure?

1 Like

Update: conversation is continuing there: Josh: Request for a Security Q&A Guide