The most important feature to consider when adopting a new service is security. You need to be certain your data and personal information are going to be kept safe at all times. This is done using encryption – the practice of scrambling data so that only authorized users can view it. But how does Notion look after user information? Does it use encryption, or does it rely on something else?
Notion uses encryption at rest and in transit, but not end-to-end. This is because such encryption would make features like full text search near-impossible, according to a Notion representative. But what does this mean for us, the end users? Well, despite keeping its databases – and by extension, all user data – encrypted at rest, Notion employees can access the information in its entirety.
Notion claims that they can only do so after receiving explicit consent from a user, and that all employees are legally bound to keep user data confidential. It has practices in place to prevent employees from abusing their power, logging all instances of accessing customer data and reviewing these logs on a regular basis. But the fact of the matter is: Outsiders can access your information.
This makes it a tough sell for would-be corporate customers. Information is the lifeblood of any business – the last thing you want is for your trade secrets to leak out. While most Notion operate honestly, having such a backdoor into user data is an unnecessary risk, and so it’s hard to imagine Notion rivaling the likes of Asana and Trello until it offers users the option to enable end-to-end encryption.