Skip to main content

Encryption

AES-256 & TLS

ISO 27001

Certified

AWS Hosted

US-West Oregon

SSO Ready

OIDC Protocol
Teable is committed to maintaining the security and privacy of your data. Our security practices are designed to protect your information while giving you full control over your workspace.

Data Encryption

Encryption in Transit

All data transmitted between your browser and Teable servers is protected using 256-bit SSL/TLS encryption. We enforce HTTPS for all connections with automatic HTTP to HTTPS redirection.

Encryption at Rest

  • Teable Cloud
  • Self-Hosted
All data stored in our databases is encrypted using AES-256 encryption through AWS infrastructure. This includes:
  • Database storage (PostgreSQL on AWS RDS)
  • File attachments
  • Backups

Infrastructure Security

Teable Cloud is hosted on Amazon Web Services (AWS) in the US-West (Oregon) region, leveraging AWS’s enterprise-grade security infrastructure.

Security Headers

Implementation of Helmet and Content Security Policy (CSP) to prevent common web vulnerabilities like XSS and clickjacking.

Bot Protection

Cloudflare Turnstile integration to prevent automated attacks and spam registrations.

Rate Limiting

Protection against brute-force attacks on login attempts with account lockout, and rate limiting on email verification and password reset operations.

Password Security

All passwords are hashed using bcrypt algorithm with unique salts, making them resistant to rainbow table attacks.

Access Controls

Role-Based Permissions

Teable provides granular role-based access control with five permission levels:
RoleCapabilities
OwnerFull control over the workspace, including billing and deletion
CreatorCan create tables, views, and manage workspace structure
EditorCan edit records and field values
CommenterCan view content and add comments
ViewerRead-only access to content

Authority Matrix

Authority Matrix allows fine-grained permission control at the field, record, and view level, enabling you to precisely define what each user or role can see and modify.
This feature is particularly useful for:
  • Restricting sensitive fields (e.g., salary, personal information)
  • Limiting record access based on ownership or department
  • Creating custom views with different permission sets
Protect your shared views with password authentication. When enabled, recipients must enter the correct password before accessing the shared content.

Data Management

Record History

Track all changes made to your records with a comprehensive revision history:
  • See who made changes and when
  • View previous values before modifications
  • Understand the complete lifecycle of your data

Trash & Recovery

Deleted items are moved to trash and can be recovered within the retention period, providing protection against accidental data loss.

Single Sign-On (SSO)

Teable supports enterprise SSO through the OIDC (OpenID Connect) protocol, compatible with major identity providers:

Azure Entra ID

Okta

Google Workspace

Auth0

OneLogin

Authentik

Compliance

ISO 27001 Certified

Teable Cloud has achieved ISO 27001 certification, demonstrating our commitment to information security management best practices.

Self-Hosted Deployment

For organizations with strict security or compliance requirements, Teable offers self-hosted deployment options:
1

Data Residency

Keep all data within your own infrastructure and geographic boundaries
2

Network Control

Deploy within your VPC with custom firewall rules and network policies
3

Custom Security

Integrate with your existing security stack, SIEM, and monitoring tools
4

Backup Control

Implement your own backup and disaster recovery procedures

Security Best Practices

We recommend the following practices to maximize your workspace security:
Create passwords with a mix of uppercase, lowercase, numbers, and symbols. Consider using a password manager.
Single Sign-On provides centralized authentication management and additional security controls.
Audit your workspace members and their permission levels periodically to ensure least-privilege access.

Contact

For security-related inquiries or to report a vulnerability, please contact us at [email protected]