The Caspio Low-Code Platform
All the Tools and Support You Need
Unlimited Users With Every Plan
March 24, 2022
When it comes to data security, the stakes are high — brand reputation and consumer trust are on the line.
But according to a 2021 cloud security study, some 40% of organizations experienced unauthorized access to their enterprise applications due to various misconfigurations, including poorly set access controls and non-restrictive account permissions.
How do you ensure that users have all the data they need without giving them access to information they aren’t supposed to see?
Use Caspio’s record level security feature.
Subscribe to the Caspio YouTube channel and catch our livestreams featuring helpful tech tips and Q&A sessions.
Record level security or RLS allows you to restrict access to specific database records based on the current user in the app. At its core, RLS is a Caspio-native authentication feature that matches unique user credentials with records tagged with the same ID, making the information visible exclusively to the logged-in user. In short, the visible information changes depending on the user account that’s currently logged into the application.
RLS empowers admins to better shape the user experience of their custom apps and prevent unauthorized viewing and editing of data within the organization — protecting your business from potential breaches.
You can implement record level security in two ways:
Every business has sensitive data — client files, financial reports, sales documents, vendor contracts, employee profiles, etc. With record level security in place, you ensure that these critical pieces of information are accessed and managed only by the right people.
Ready to enforce record level security in your applications? Here’s a simple guide to help you get started:
Start by properly building the tables you need for your online database. Add a field that uniquely identifies each row within your user table (known as primary keys) and a column on a related table that links data to your users (known as foreign keys). This allows you to build database relationships that organize your data flow. By doing so, you establish the foundation of your multi-user web app.
The next thing you need to do is set up roles to manage user access in your application. For example, a recruitment management app is likely to have two users: the job applicants and the HR manager. Build views to filter them out into active users and active admins. These views will then serve as data sources when you create login forms.
Now that you have one view for each user role, create the authentications you need so they can log into your app. Simply select the appropriate username and password fields as indicated in your views.
All you have to do now is implement record level security while building the app using our step-by-step DataPage wizards. Just enable the RLS checkmark and match the fields from your user authentication with the current data source. It’s that easy.
App admins can also configure a specific DataPage to create advanced workflows using record level security. For example, you can add a workflow to your recruitment management app to move a job application record through a series of steps and departments towards the final offer.
You can also limit lookup values based on user identity in a dropdown or listbox field using record level security. This is particularly useful when multiple authorized users are managing an application.
Here are some practical ways to implement record level security within your Caspio-powered business applications.
It’s common to have a variety of user-profiles within a single department, each with corresponding unique restrictions.
For instance, in an inventory management team, you want the manager to see a dashboard overview of orders fulfilled monthly, quarterly, etc. The shipping team must be able to access and update only dispatch-related information in the same system. The store manager must be able to order necessary supplies from vendors or edit order requests.
Suppose it’s time to give the annual performance evaluation of the members of a particular department. Use record level security to set various restrictions for viewing and editing team records.
You want to make sure employees only modify their own data in the evaluation report and see their respective scores and evaluator comments. On the other hand, the evaluator or manager must have full access to create, read, edit, and delete data related to all of their team members. Finally, you can set the VP of HR or IT as an app admin user so they can use data from all employees — not just members of a specific team — to create company-wide performance reports and trends.
Record level security allows you to create advanced workflows, including managing business contracts through various stages.
The feature makes tasks visible to the right users while the contract moves through the designated path. For example, in the case of recruitment, a job offer contract can move from the HR manager to the department manager, then to the applicant, and finally back to the company.
You can also use record level security to configure DataPages and limit lookup values in a dropdown. For instance, in a Marketing team, you may have several writers specializing in different topics. By enabling record level security in your task management app, you can filter lookup values in a dropdown to ensure only relevant topics or tasks appear on each writer’s task list.
If you’re looking for ways to reinforce guardrails within your business applications, you can’t go wrong with record level security. The use cases above are just a few examples of how you can leverage this built-in Caspio functionality.
The possibilities are endless!
Watch our full YouTube stream on record level security to learn more about this powerful authentication feature.
Ready to explore more Caspio functionalities to enhance your custom business apps?
Subscribe to the Caspio YouTube channel and catch our Caspio Labs weekly livestreams (Mondays, 10am PT) for interactive app building and coaching sessions.
Here are some of the topics we’ve covered recently:
Need a custom app for your business? Talk to us and we’ll help you discover the possibilities with no-code development.
Caspio is the world’s leading cloud platform for building online database applications without coding. Start a free trial today and experience the power of no-code.
© 2023 Caspio, Inc. Sunnyvale, California. All rights reserved.