Background:

Our users do not have access to reports and cannot update Views.  

None of our View lists contain Street, Phone, Email.  

On Details, I give Users access to view/read/write to Street, Phone, Email fields when they are looking at the Detail.  

For example, It's important for a telemarketer to get an Email address from the prospect to send follow up email.

As we have turnover and Telemarketers/Salespeople quit, I'm confident they will not have taken the time to go into 60,000 detail records to copy/paste 60,000 records and re-format the data for Excel.    

Security Issue:

On most Pre-Defined Views, the display fields can be edited.  

But Zoho provides Users a backdoor to download our complete Email address list.

Admin cannot edit the following views:

1. Converted Leads - Phone & Email

2. My Converted Leads - Phone & Email

3. Recently Created Leads - Email

4. Recently Modified Leads - Email

5. Recently Created Contacts - Phone & Email

6. Recently Modified Contacts - Phone & Email

There may be others in other modules we do not use.  Not an issue with Activities & Potentials.

Those views show Full Name, Company, EMAIL.

It takes seconds to copy/paste 100 emails at a time to Excel.

Does anyone else have concern about this vulnerability?