-
Preparing for a Password-Free Future in Smartsheet: Share Your Feedback!
As part of our ongoing commitment to security and authentication best practices, we are preparing to deprecate password-based login for Smartsheet accounts. Our goal is to transition to more secure authentication methods, such as email-based Time-Based One-Time Passwords (TOTP) and eventually full two-factor authentication…
-
Keeping the API token secure on a shared hosting website. Using PHP
I have a website on shared hosting. I know that I should keep api tokens out of public_html folders on said website. I would like to use a <domain>/config/config.php file to hold those api tokens for Smartsheets. This approach is working for another application that I integrate with from this website. However, when I put…
-
Sheet Activity Logs - Export for Longer than 90 Days
Today the Activity Log is limited to 90 days activity. However, for the security team at my company, they require me to log sheet activity and store that information for 1 year / 365 days. Therefore, I have to export 90 days at a time and store it manually vs allowing SmartSheet to store it, thereby, not needing me to do…
-
Smartsheet Backup and Recovery
We would like Smartsheet to provide a mechanism to do a full backup and restore of related files. While a step in the right direction is the ability to restore to a previous version of a sheet, we find that in an integrated environment, this would not be sufficient: We have a single worksheet that drives multiple reports…
-
Advise on Workgroups and access for Groups
I have Workspaces that have sheets containing sensitive information. The Workspaces have Individual access to a few people. With in the Workspace, I created Dashboards, with Dynamic Views. Each is set with specific Groups to access specific information. The users in the groups can not see or access the Dashboards, unless I…
-
PIN and Touch ID for Smartsheet App
Hi It should be a standard expectation that all apps holding significant IP data and financial information have minimal protection in place. Imagine a bank app that didn't ask for your PIN or Touch ID? It should be self-evident that the Smartsheet app MUST have a security feature. Please make this an obvious high priority.…
-
Does Gov Smartsheet contain FIPS Moderate or higher rating for data and information stored?
My question is surrounding the FIPS for security rating of this application/software for government users. I would like to know if it is rated atleast FIPS Moderate?
-
Desktop App to use system default browser for Authentication
The Smartsheet desktop app currently uses an embedded browser (WebView/WebView2) for authentication and does not support using the system browser for OIDC sign-in. This is why it fails Conditional Access policies that require device compliance or trusted client conditions. Please add support for launching authentication in…
-
Merged: Folder sharing while limiting workplace sharing
This discussion has been merged.
-
Security Question
Hi, I'm relatively new to SmartSheet so I was hoping I could get some input from the experts. I have a consulting business and use SmartSheet for various things from project plan mgmt to status reporting. I am trying to understand the security model better. I have reviewed different articles from the knowledge base but I'm…