Encryption

Your designated Quickbase realm administrator configures the data security features within your realm, including Encryption settings.

Customer data protection

Quickbase protects and encrypts customer data.

  • Quickbase protects data at rest using envelope encryption with AES-256 encryption keys. Each app receives a unique data key, which is used to encrypt the app and its data at rest. The master key is then used to encrypt the data key. Quickbase never stores unencrypted data to disk.
  • Quickbase encrypts data in transit using SSL/TLS.

By default, Quickbase uses a global master key, which is shared among multiple realms and never leaves the key management service (KMS).

Advanced Data Encryption

Also available is Advanced Data Encryption, where you can encrypt data at rest using your encryption key that you can rotate on your own schedule. It uses your encryption key and is hosted by Quickbase but managed by you on your own schedule. For more information contact your administrator.

Rotate your realm-specific master key on your own schedule

  1. If realm-specific master keys are enabled for your realm, click Encryption to open the Encryption page.

  2. To rotate your master key to replace it with a new master key, click Create New Encryption Key. Quickbase updates the table to show your new key as the current master key.

Key options

Your options for keys are to:

  • Use the realm specific key mentioned early in this topic
  • Use an AWS generated key
  • Use an Azure generated key

These keys are cryptographically generated by Quickbase, AWS, or Azure.