Quickbase Discussions

 View Only

Build your Data Governance framework using Quickbase

By Maria Goritsova posted 03-15-2023 10:22

  

Build your Data Governance framework using Quickbase

Gartner reports that more than 80% of the companies and 59 % of government entities have set up "fusion teams" - multidisciplinary (digital) business teams that blend technology and other types of domain expertise. The rise of fusion teams is evidence that the boundaries between IT and the rest of the business are blurring at an accelerated rate. 

What does this mean? Practically it means that IT governance has never been more important for builders, administrators, and business personnel. A good governance framework ensures apps and processes become more scalable and approachable, while also satisfying the needs of the organizations and protecting all the shared data.

What is a Data Governance framework


A Data Governance framework creates a set of rules and processes
for securely gathering, storing and using data within an organization. With the expanding volume of data, a data governance framework makes it easier to:

  • Maintain policy and regulatory compliance

  • Support collaboration between teams and individuals

  • Monitor data privacy and risk exposure

A good data governance framework helps ensure that your policies, rules and definitions apply to all the data in your organization. It helps you deliver trusted data to individuals in many roles, from business leaders to data stewards and application builders.


Build your company’s Data Governance framework with Quickbase

There are many best practices you can implement, and while each organization is different and you might have to adapt it to your process and specifics, there is no need to completely reinvent the wheel. A typical Data Governance framework is centered around the following main principles:

  • understanding your data

  • properly structuring and classifying your data

  • protecting your data.

This article will guide you through the steps of how to build the foundations of your own data governance framework using already available features. Account Admins can leverage the recently released Data Scanner in combination with the Data Classification feature to identify and respectively classify PII data across their apps. Once this is done, with the help of the app managers, they can apply more restrictive data access controls for particular apps.

Data Scanner 

The Data Scanner automatically scans applications and detects many common types of sensitive data, such as Personally Identifiable Information, also known as PII data. Our Data Scanner gives Account Administrators an instrument to easily understand what kind of data is stored across their applications so they can take the proper corrective actions - classify, protect or remove data.

Note: Only account administrators can use Data Scanner. This feature is only available on our Enterprise plans.

Accessing the data scanner

  1. Navigate to the Apps page in the Admin Console.

  2. Find the app you would like to scan. Click the View link in the Data Scanner column.

     3. On the Scan history page, click Start scan.

  • The button will change to show you that the scan is in progress.

    • Navigate to the Apps page in the Admin Console.

    • Refresh the page every so often to see if the scan is complete. The speed of the scan depends on the size of the app. An app with 1 GB of data will take about 6 hours to scan.



Create a custom search

You can enjoy a better experience on our platform and the ability to gain valuable and actionable results by creating tailored custom searches in the Data Scanner. 

 1. From the Admin Console, select Apps.
 2. Find the app you would like to scan. Click the View link in the Data Scanner column. 
 3. The main page of the Sensitive Data Scanner for this App displays. Here you can create Custom scans by clicking on Manage Configurations




Viewing scan results


When a scan is complete, it will show on the Scan history page. On this page, you will be able to see the following details:


  • Review custom scan parameters selected 

  • Scan completion time
  • Data classification assigned to the app at the time of the scan

  • If the app was open to the internet at the time of the scan

  • How many records were flagged as containing potentially sensitive data

  • The probability that those records contain sensitive data

  • Access Tables where sensitive records were found 

    Admins will also have the option to export the result of the performed scan including detailed information as a CSV file by clicking on the "Export scan to CSV" link at the top right side

Additional information on Data Scanner can be found in our Help article. Information about the Custom search capability can be found here

Data Classification 

Our Data Classification functionality enables Quickbase administrators to define data classification and apply labels to the applications. Data classification is the process of organizing data by adding relevant tags so that it may be used and protected more efficiently. This makes data easier to locate and retrieve. It is a crucial practice for administrators inside of Quickbase to follow these methods in order to create awareness in end users and better protect their data.

Only realm admins can turn on data classification.
Note: Data classification is available for customers on Business and Enterprise plans.

Turn on realm-level data classification

  1. On the My apps page, go to your Admin Console.

  2. Select the Policies tab, if you are using the original experience, or the Policies option on the left in the new viewing experience.

  3. Scroll to the bottom and in the Data Classification section, check the box for Display data classification label for apps. It is now immediately available to use.


Assigning data classification to apps

  1. While on the Policies tab in the Admin Console, select Apps.

  2. In the columns of your app, you will now have a column for Data Classification with a drop down.

  3. Select from the drop down, select the appropriate classification and you're done.


    Not all apps need to be tagged with a data label and those apps that don't can use the BLANK (no label) option and nothing will appear for the builders and users when they access the app.
  4. Go back to your app and you should see a new icon on the right with the classification you selected.

For more information about Data Classification, please see the following Community Blog Posts and Help Center articles about Data Classification functionality in Quickbase:

Introducing Data Classification
Low-Code Data Management & Data Governance
Data Classification


Limiting App Access


You can easily control the application access within your realm if you have an application containing sensitive data. Of course, you can protect this information using Quickbase roles, if you want to control this on an account level, then you have a way to enforce an additional permission level. When using this feature, a user may only access the app if they have been assigned a role in the app AND their user status on the realm is Approved.

Note: Limiting App Access is available for customers on Business and above plans.

  1. On the My apps page, go to your Admin Console.

  2. Select the User tab, and find user you want to provide additional approval flag for.

  3. Click This user is > Select Realm approved option.

  4. Click Change Access.

To limit application access to approved users, you have additional settings within the app properties of your application. It is an easy way to specify that only approved users in your company should ever see information in that app. For this you need the help of your application managers or you need to have Super User rights.

 

To limit application access to approved users:

  1. From the app home page, click Settings.

  2. Click App properties, then click Advanced Settings to expand the section.

  3. Under Realm security options, select the Only "approved" users may access this application checkbox in the Realm Approval section.

    Note: If you don't see this item, your app doesn't belong to an account that is in a realm.

  4. Click Save to save your changes.


For additional information about Limiting App Access see the below Help Center articles or contact your Account Manager:

Set General User Access Levels

Limit app access to approved users only

Permalink