Data Security/Sharing


#1

Hello,

I’m genuinely impressed by Metabase as a potential BI dashboard solution. It appears to be incredibly well thought out and maintains intuitiveness without sacrificing flexibility; a combination rarely achieved. So, first of all, thanks for the time, attention, and effort that is so apparent in the design. Also, thanks for the decision to release as an open source solution.

I’m considering recommending Metabase as a potential BI solution for a client who houses sensitive data in their enterprise data warehouse and as such, have concerns related to data security; specifically what types of data are shared with Metabase and whether this would be an appropriate recommendation for this type of application.

After reviewing the privacy policy, I understand that some data related to how Metabase is being used is shared (e.g., types of queries being run, number of rows processed, flavors of databases being used). I understand the benefits from the collection of these types of data and would likely recommend the sharing of same, but I’m concerned about the use and sharing of sensitive data that might occur outside of the enterprise.

I reviewed the the privacy policy, and to be honest, the reference in the first line:
We at Company know you care about how your personal information is used and shared…”
doesn’t bestow a sense of sincerity; rather it presents as a quick copy/paste from a policy template vs. something as well thought out as Metabase itself.

I apologize for the drawn-out nature of this post so - on to the point:

  1. Is Metabase appropriate for this type of client/application and, if so,
  2. where can I find more information that might help to provide a sense of confidence for a client related to data security?

Thanks so much for any response and thanks again for making such a powerful tool available.


#2

Hi @ttist25

You can disable the Anonymous Tracking under Admin > Settings > General.
I work for a company that has patient records, so I’ve had to go a little further and removing the Google Analytics part from the code, since that’s not allowed - even if it’s disabled. And even the check-for-updates has been disabled.
It sounds like you’re dealing with similar constraints, but you can get quite far by using a reverse proxy and egress firewall - that way you’re still using an official package without needing to compiling your own version (even though that has some benefits, such as adding work-in-progress pull requests, which hasn’t landed in the official versions yet).


#3

Thanks for the response @flamber - it is greatly appreciated and your recommendations make good sense. I will look for resources on implementing the solutions you’ve suggested.

Thanks again for your help!


#4

Both privacy policies you link to relate to the website (metabase.com) and the discussion forum (discourse.metabase.com).

Neither has any bearing to the use of Metabase, the application. That is under the AGPL (https://metabase.com/license/). Aside from anonymous statistics that we inform you about and let you control when you install Metabase, we never see any data.

Metabase, the application, is pretty securable (note: securable, not secure. Secure is a characteristic of the entire system/infrastructure you run). If a third party is running Metabase on your behalf, then you should check in with them about their privacy policy.