(I thought I posted this yesterday, but apparently not, so apologies if redundant.)
Hi all,
I have a production app with sensitive data (investor personal info). I want to hire a developer to keep working on the app, but I don’t see how to have the developer work on the app (in the Builder) and not have full access to the Production data (which is secure / confidential and the Developer should not be able to see).
Is there any way to keep a Developer out of Production data? Is there any way to have a Developer work on new parts of the app, without immediately pushing changes to Production, and without having wide open access to all the Production data?
Hopefully there is a way to solve this, which would then allow me to consider off-shore developers. Otherwise I probably can’t hire anyone to work on the development as the info security issues are pretty challenging.
Anyone have thoughts on how to solve this? Any system updates coming around the corner that might help solve this?
Thanks,
-Dan
While it’s true that any database system requires access to its underlying data to create forms, display data, or apply filters, it’s worth clarifying that modern database and application design often strives to conceptually separate data and interface through abstraction layers. However, complete separation isn’t feasible because the interface inherently depends on data access to function.
For instance:
1. Forms and Filters: To create interactive forms and enable data filtering, the system must directly or indirectly access the underlying tables to fetch, process, and present data to the end user.
2. Data Display: Any interface designed to display data (dashboards, reports, etc.) inherently requires a connection to the database to retrieve the information being displayed.
3. Security and Abstraction: While you can use APIs, views, or stored procedures to abstract direct table access, these mechanisms still rely on the database’s ability to access the underlying data. They merely provide a layer of control and security, not separation.
In essence, while the user experience can feel decoupled from the raw database through abstraction and middleware, true separation isn’t possible because the interface ultimately relies on the data to function. It would be nearly impossible to create an app without data table access.
Unfortunately, your need to keep data private and not accessible to a developer is not realistically possible on any platform.
2 Likes
I agree with @bgedevteam. It would be very difficult to build out the pages of an app without having access to the data, probably impossible. My advice would be to hire a developer you trust that has strong confidentiality agreements in place.
Thanks all for the feedback. I have certainly worked in more structured programming environments with Dev Code & Dev Data / QA Code & QA Data / Prod Code & Prod Data - so that is definitely possible. It’s also important to have these safeguards in place when using Prod data that you want to have “locked down” more. For instance, you can live edit Prod data directly from the Builder - super convenient but not the most secure.
I also get that Tadabase is a bit more of a “quick and dirty” tool for fast building, and that creates limitations (like this).
Hopefully subsequent releases and updates will at least partially solve this. That said, not having a true “dev” environment is becoming increasingly difficult to manage - every time we tweak our Prod apps it feels a little like doing open heart surgery on a live patient - should go okay but always a bit nervous that something important might break in the middle of the day.
I know they are trying to address this, so hopefully some updates coming soon.