At Coda, the importance of security is deeply ingrained in our practices. We have made substantial investments in both application and infrastructure security, ensuring that your data is well-protected. Additionally, we offer a range of exclusive security features to our Enterprise plan customers. These features provide you with enhanced control over your organization's data, the ability to customize policies according to your requirements, and the confidence to fully utilize Coda as your comprehensive collaborative workspace.
This article highlights many of these features and includes links to articles where you can learn more!
Org admins: a new role for added control
Customers on our Enterprise plan have access to an additional role: org admins. These admins control the org-level settings and policies, which apply to all workspaces and users in your Enterprise org. They have access to all org security features discussed in this article. This role is typically filled by members of your IT team.
Enterprise org admins have access to the organization settings, where they can gain valuable insights about their org and access all the security controls discussed in this article. To find the organization settings, just go to coda.io/docs, click on More options in the lower left corner of your screen, then select Organization settings.
While Coda already allows for a number of sign-in methods, the Enterprise tier includes access to an additional form: SAML SSO. Additionally, org admins can enable or disable specific sign-in methods for the entire org.
Enterprise organizations can provision and de-provision users and groups in Coda directly from their identity management provider using SCIM.
Use the Org membership tab of your Organization settings to easily deactivate org members from all your Coda workspaces and reassign ownership of their docs.
Control sharing of docs, Packs, and forms
Org admins can set rules for how docs, forms, and Packs are shared outside of your org (or even prevent external sharing entirely). Similarly, use the Public Docs dashboard to view publicly shared docs and change their permissions.
Manage access to and usage of Packs
Packs are integrations that allow you to pair your favorite external tools - Figma, Jira, Gmail, and many more - with Coda. But Enterprise admins may want to have control over which Packs are available to their users, and how exactly they can be used. Check out the features below to learn more.
Admin API & audit events
The Coda Admin API is a RESTful API that allows programmatic access to administrative reports and capabilities within Coda. Enterprise admins can use the Admin API to view and modify policies, integrate with a DLP or e-discovery tool your company may use, view audit logs, and more.
Other Enterprise policies
There are several other policies that can be configured for Enterprise customers. To enable these policies for your organization, please reach out to your Customer Success Manager.
Inbound sharing policy: This policy allows you to configure whether your employees can access docs owned by external organizations.
Publishing policy: With this policy, you can configure whether your employees can publish docs on Coda.
Shared folder creation policy: This policy allows you to configure whether your employees can create shared folders, which make docs accessible to all workspace users.
Data export policy: You can configure this policy to control whether your employees can export docs.
File uploads policy: This policy allows you to configure whether your employees can upload files (such as PDFs, CSVs, and JPGs) into Coda docs.
Session duration: With this policy, you can set a limit on the duration of your employees’ sessions.
Coda offers advanced admin dashboards for enterprise customers to effortlessly manage their workflows. In addition to the dashboards for viewing and managing publicly shared docs and Pack approvals mentioned earlier, Coda also provides other dashboards through the Coda Admin Pack, including:
A dashboard for viewing and managing licenses
A dashboard for viewing user activity