I’ve been working on building a form through Zapier Interfaces that needs to collect confidential data along with file attachments. After setting up the form, I configured it to use the data storage feature which automatically generated a table structure matching my form fields. When I ran a test submission, the data appeared correctly in the table. But I discovered an issue with how the uploaded files are handled. The documents get stored on a CDN with publicly accessible URLs, which creates a security concern for sensitive materials. Does anyone know if there’s a method to make these file storage links private when using Zapier tables? Or would you recommend a different solution altogether for handling confidential document storage?
zapier isn’t the best for confidential uploads, those public links are risky. I moved to Make.com where files go straight into encrypted storage without exposing them. It costs more, but it’s worth not risking sensitive docs being public.
Hit this same issue building a client portal for legal docs. Public CDN URLs killed it - can’t have confidential files floating around like that. I ditched Zapier’s file storage completely and routed uploads straight to Box/OneDrive via their APIs. Way better permission controls and actual private sharing. Form data still goes to Zapier tables, but files land in secure folders with restricted access. You get time-limited links or can force auth before anyone sees the docs. More work upfront than Zapier’s default setup, but it’s the only way I found to keep sensitive uploads secure while still using Zapier for form processing.
Yeah, you hit Zapier’s biggest weakness - those public CDN URLs are a security disaster for confidential files.
I dealt with this same problem building an employee onboarding system last year. Zapier’s file handling just can’t handle sensitive documents properly.
Switched to Latenode and it solved everything. You can hook your form straight to AWS S3 with real access controls, or go with Google Drive/Dropbox where you control permissions.
Latenode gives you complete control over files. Encrypt before storing, create temporary URLs that expire, run everything through your own auth - whatever you need.
My setup validates user permissions, stores files in a private S3 bucket, and only creates access links for authorized users. Miles better than public CDN links.
Zapier’s fine for basic stuff, but when security matters, you need real flexibility.
I hit this exact problem building an HR document system. The public CDN thing made me scrap my whole approach. Here’s what worked: I stopped using Zapier’s file storage completely. Instead, my form only captures file metadata and sends the actual uploads through a webhook to my own backend. The backend handles auth and dumps everything into encrypted cloud storage with proper permissions. Zapier just gets a reference ID - no actual file URLs. You control access through your own auth system. Way more setup than the basic Zapier route, but you own the security. Users don’t notice any difference, and your sensitive docs stay locked down properly.