Security

Granular access control for every app, table, attribute, & collection. Decide if you want to edit your DB directly, with actions, or a mix of both.

Learn more →

Track workspace activity

Edits, deletes, record creation, actions (coming soon) are all tracked at the workspace level.

SOC II Type 2 Compliant

Basedash has undergone the months-long process of SOC 2 compliance audit and certification. All servers hosted in Canada, in data centers that are SOC 1, SOC 2, and ISO 27001 certified

Restrict editing at every level

Small teams that need to move fast can make edits directly to the database, while larger teams can view only and edit via their own internal APIs.

Self-hosted

Deploy a self-hosted version of Basedash in under an hour within your own VPC, and behind your existing firewall.

Learn more →
the basedash logo - a large "B"

Fully secure

an icon indicating SOC compliance

SOC II Type 2 compliant

Basedash has undergone the months-long process of SOC 2 compliance audit and certification.

an icon indicating encryption

Encrypted connections

  • We require HTTPS on all connections, so data in-transit is encrypted with TLS
  • All database data is encrypted at-rest with LUKS
  • Your database credentials are additionally encrypted with AES-256
an icon indicating hosting. a cube with a leaf inside it.

Hosted on certified servers

All servers hosted in Canada, in data centers that are SOC 1, SOC 2, and ISO 27001 certified

an icon indicating a briefcase

Streamlined security audits

Work with security researchers when they identify potential security vulnerabilities, and respond to all reports within 2 days of submission. We maintain detailed audit logs of all internal systems.

Your data stays with you

Data is never stored

an icon that depicts a datbase. it's shaped like a cylinder

When you load a view or query, the Basedash server makes a request directly to your database, applying the credentials server-side. None of the data returned by your database is stored on our end.

an icon depicting on-premisees services. a cylinder inside a house

Basedash self-hosted

Enterprise only

We have a self-hosted version of Basedash that you can deploy in under an hour within your own VPC, and behind your existing firewall. You are fully in control of the Basedash instance and the level of security.

Learn more

Control access and edits

an image showing a database dashboard that includes users and password settings
an icon of broken lines, indicating disconnection

Disconnect tables and attributes

Every data source, table, and attribute can be disconnected from Basedash. When something is disconnected, we do not read, query, lookup, cache, or allow anyone within Basedash to access the data. Any view that uses data from a disconnected entity is deleted when a connection is severed.

an edit icon - a pencil inside a square

Disable edits on every source, table, and attribute

Like connection, every source, table, and attribute can be restricted to view for all users of your workspace. This allows you to avoid conflicts of validation, complex business logic, or mistaken edits to attributes that never change.

What data does Basedash collect?

Continuous performance analysis

We monitor application performance, load times, and use Fullstory to analyze how Basedash is used. All of your data is hard-coded to be masked and not recorded or captured.

See our Privacy Policy for more details.

Full edit history

The value before and and after an edit, the date and time it was made, the database it was edited on, the record that was edited, and the workspace member who made the edit.

Free plans have 2 week edit history, Starter plans have 90 days. Workspaces on our Enterprise Plan can opt out of this collection of data or define their own limits on duration.

Some information cached on client-side

We cache some information on the client side to improve performance, such as table names and view definitions, but these are not accessible to our servers directly. Beyond that, we do not cache or store any data from your databases on our servers.

Some database details

We only store the data needed to connect to your database, not the actual data itself. This includes your database name, credentials (fully encrypted), configuration, schema, and type.

Important workspace info and configuration

Details about your workspace including billing, name, type, and info about other members of your workspace. We also capture the configuration of SQL or basic views created in your workspace.

Account details

We capture your name, email, role, and user preferences such as avatar. We believe that user data shouldn't be captured unless it's necessary for building you a better product. Reach out to us at any time and we'll delete your account.

Ship your product faster.
Worry about internal tools less.

No credit card required.