Ensuring Secure Data Transmission and Storage with Retool and Cloud Service Providers

leoarthur · July 15, 2024, 6:23pm

Hi everyone,

I'm currently integrating Retool with my cloud service provider and want to ensure that all data transmission and storage are secure. What are some best practices and tools I should consider maintaining high security standards?

Specifically, I'm interested in:

Encryption methods for data in transit and at rest
Secure API usage and authentication protocols
Best practices for managing credentials and secrets
Tools or services that can enhance security when using Retool with cloud service provider

I'm open to hearing about your experiences and any best practices you've found effective. Looking forward to your insights!

Thanks in advance for your help!

Jack_T · July 29, 2024, 10:38pm

Hello @leoarthur!

By "integrating Retool with my cloud service provider" are you saying that you are going to be self-hosting Retool?

-Here are some docs that cover Security Hardening Best Practices.

-For API usage, I would recommend adding a trusted auth flow such as Google SSO to add in a security layer.

-Retool encrypts sensitive data stored in the database by default.

-For encryption in transit, this is up to you, would recommend SSL.