Security

Where is my data stored, and is it secure?

Yes, your data is secure, and is always stored by you. When you load a view or query, the BaseDash back end makes a request directly to your database, applying the credentials server-side. None of the data returned by your database is stored on our end. We do this because having the end-user's browser connect directly to your database would expose credentials and require you to whitelist every user individually, rather than just the BaseDash server.

We also have an on-premises version of BaseDash that you can deploy yourself, in your own VPC, on your own VPS. That way, you are fully in control of the BaseDash instance, and your data never leaves your VPC.

How does the on-premises version work?

You deploy it via Kubernetes on a Linux machine. The whole process takes around 15 minutes. On-premises is offered on our Enterprise plan. Contact us for details.

What do you do to keep BaseDash secure?

Security affects everything we do at BaseDash—notably, we:

  • Force HTTPS on all connections, so data in-transit is encrypted with TLS
  • Encrypt all database data at-rest with LUKS
  • Further encrypt database credentials with AES-256
  • Host all servers in Canada, in data centers that are SOC 1, SOC 2, and ISO 27001 certified
  • Maintain detailed audit logs of all internal systems
  • Work with security researchers when they identify potential security vulnerabilities, and respond to all reports within 2 days of submission

What sort of data does BaseDash store?

Only data that you manually input or generate in BaseDash, such as:

  • Account details (e.g. name, email)
  • Workspace info (e.g. collaborators, plan)
  • Database details (e.g. name, credentials)
  • View definitions (e.g. visible columns, filters)
  • Edit history (e.g. before and after values, associated record ID)

We cache some information on the client side to improve performance, such as table names and view definitions, but these are not accessible to our servers directly. Beyond that, we do not cache or store any data from your databases on our servers.

We also track certain key analytics—see our Privacy Policy for more details.

Last updated: April 12, 2021
BaseDash Inc.

The new standard for internal tools

BaseDash replaces custom internal tools so you can focus on building your product.
Get started for free
Decorative graphic of two people in an office