When a developer uses quickedit to edit an element, the element is getting signed out to them.  In classic Endevor, Retrieve with Signout is not allowed for this user? 

How can security be updated/changed to stop that in Quick Edit? 

Endevor 

All support releases 

You cannot secure the SIGNOUT action in quickedit.  

It is by design that ESI can control the SIGNIN action, but it cannot control an implicit SIGNOUT that occurs during the fetch.  Here is a link to the documentation that provides you with more information on SIGNOUT PROCESSING

There is an option in the C1DEFLTS table - SOFETCH - it specifies whether the ELEMENT that is fetched should be signed out to you, if not already signed out to someone else Y, or not signed out N.   This vaule will come into play with Add (Fetch), Generate (Copyback), Move (Fetch), Transfer (Fetch), Search & Replace (Fetch) and Quickedit.