10 min read
How admins can securely setup Coda
Enterprise admin best practices for controlling and enhancing security across your company.
Most features mentioned are only available on an Enterprise plan.
Customized security to fit your needs.
We understand that the security of your data and your users is of utmost importance, and we are committed to partnering with you to ensure that you are always in control. Instead of simply applying restrictions (which is possible), we recommend a granular approach, so you can make sure sharing and access within your Coda workspace is customized for your needs and standards.
What you’ll get:
- Security settings within your Enterprise plan
- Coda's approach to security
- Recommendations for your settings
What you'll use:
- Org admin settings (Enterprise only)
- Workspace settings
- Admin API (Enterprise only)
A note about compliance.
Coda adheres to global privacy laws and security standards with measures in place to help you meet your compliance obligations. We are SOC 2 Type 2, GDPR and CCPA compliant. Learn more.A walkthrough from our Customer Success Team
1. Your options, our recommendations.
Authentication & signing in with SSO
SSO - or “single sign-on” allows users to access multiple applications or websites via a single authentication source with enhanced security or user provisioning requirements. Enterprise customers can enable SAML 2.0 SSO for all managed domains in their organization. Recommendation: While any authentication is better than none, we recommend setting up SAML SSO and disabling all other authentication mechanisms for your employees. SSO will not only help to secure your workspace but will also make Coda more easily accessible to your employees. Learn more.Provisioning with SCIM
SCIM (System for Cross-domain Identity Management) is a set of protocols that allow a third-party identity provider to manage users inside Coda for your organization. This enables your identity provider to automatically provision and de-provision users and groups in Coda, based on their roles and application assignments within your identity provider. Recommendation: Setting up SCIM makes onboarding and off-boarding users easier. With SCIM, you won’t have to worry about removing access to docs from former employees. SCIM also allows you to push groups defined by your identity provider to Coda, which gives your users easy access to share docs and folders with groups rather than having to share with each individual. Learn more.Enterprise Advanced Access Control
Control how docs, Packs, and forms can be shared outside the organization. As an org admin, you can update your advanced sharing rules at any time from the organization settings console. You have three options to choose from:- Unrestricted.
- Invite-only external access.
- No external access.
If you do not need to collaborate with external users, and only need to collaborate with employees within your company then we recommend choosing "no external access". Learn more.
Security in Packs
Org admins can control which Pack integrations are accessible within their workspaces and manage Pack installation requests from workspace users. Recommendation: By default, all Packs are approved. Instead of simply enabling/disabling Packs (which is possible — learn more), we recommend a granular approach so you can customize access to your specific security requirements. Coda gives simple approval controls to advanced controls that allow you to define who can use Pack, what data can be brought in from a Pack, and how docs with Packs can be shared. Learn more.2. Admin features to enhance your control.
Audit log
For org admins on Coda’s Enterprise plan, the audit events dashboard is a powerful tool designed to help easily monitor and analyze all activity in your organization. This dashboard provides a centralized view of actions users have taken within Coda. Org admins can use this information to identify potential security risks, such as unexpected access attempts, and to help ensure compliance with your organization's policies. Learn more. Enterprise accounts can also integrate Coda audit events into their SIEM (Security Information and Event Management) systems using Coda Audit API.Doc access
See which docs in your workspaces have been shared with the public and change permissions or lock down access directly from the “Org doc” dashboard in their org settings. From this dashboard, you can update permissions on behalf of users at your organization. Learn more.Coda Admin API
The Coda Admin API is a RESTful API that allows programmatic access to administrative reports and capabilities within Coda. Enterprise admins can use the Admin API to view and modify policies, integrate with a DLP or e-discovery tool your company may use, view audit logs, and more. While you can find most usage information in your Members & Groups dashboard, the API allows you to dive deeper into what actions those users are taking within the workspace. We recommend using the Admin Pack - a UI layer to the Admin API that gives admins real-time information on users, docs, folders, Packs, and activity in their organization The Pack allows you to view all of this info and make changes - right from a Coda doc. Learn more.Advanced Security Settings
Several other policies can be configured for Enterprise customers. To enable these policies for your organization, please reach out to our support team by clicking on the question mark in the bottom right of your doc or workspace.- Inbound sharing policy, publishing policy, shared folder creation policy, data export policy, file uploads policy, and session duration.
3. Additional resources to dive deeper.
Coda's security whitepaper
- Detailed insights into our security approach, the security features we offer, and our internal security processes, policies, and practices that are in place to safeguard your data.
- See it here.
Enterprise security feature roadmap
- Reach out to support to see our current and upcoming Enterprise security features and improvements.
- *Your account must have an NDA on file with us.
Was this helpful?
YesNo