Community docs

Security best practices

There are several best practices you can follow to improve the security of your data and manage access to it on data.world.

Use organization-owned connections

The Connection Manager on your organization page allows for connections to be managed by only organization administrators. All database and dataset connections are audited and reportable.

Never share keys or tokens

Some third party applications may require an API token or key to work with data.world. If you have such a key or token, or one for data.world's metadata catalog collector, you should never share them with anyone else. These tokens run as your user with your permission levels. Every user who needs an API token should have their own for security and accountability.

Provide masked/limited file previews on discoverable datasets

Often for evaluating data you want users to understand not only the column names and other descriptive metadata, but also some example rows. Masking/limitations applied to samples allow for them to be provided in a way that effectively works within sensitive data or compliance needs.