I spoke about Salesforce Shield at Dreamforce 17 but never got a chance to write a blog about it. Want to keep your data clean and free of duplicity? Want to reach more customers and build good relationships with them? Is the security of data bothering you? Therefore, I am laying a step forward to introduce you to every facet of data privacy and data security in Salesforce. This post will give you an insight into data protection, Salesforce security capabilities, and other best practices.
Data Security, data privacy, authentication are the major concerns that surround the technology. When talking in terms of Salesforce, everything is in the cloud. Customer’s data security and safety is the incredible investment and the prime aspect that Salesforce always targets. As we all are acquainted with the fact that “Salesforce delivers the #1CRM solution in the world”. This is attributed to the high level of trust that customers put in Salesforce security. Salesforce has always been revolutionizing its technology with innovative ideas. Therefore, this time to add that extra layer of security and privacy Salesforce has introduced Salesforce Shield. Let’s kick off with some insight on Salesforce Shield.
Salesforce Shield is the bundle of three products namely:
- Event Monitoring
- Field Audit Trail
- Platform Encryption
Event Monitoring in Salesforce Shield
Event Monitoring is going to be a boon for the users. Wondering how? Let me unravel it. Driving targeted user adoption strategies, a better understanding of user behavior, identifying anomalies that potentially signify security are some of the fundamental concerns that draw our attention. This all can be monitored through this incredible tool event monitoring. Most importantly, It provides insights into the system’s statistic regarding performance, analyzes trends, views user behavior, and much more. It isn’t amazing that all this data will be available at your fingertips.
Field Audit Trail in Salesforce Shield
This wonderful functionality in Salesforce permits you to retain field history for up to 10 years. Salesforce is expanding its capabilities with extended history because it is valuable for customers for improved monitoring of data.
Platform Encryption in Salesforce Shield
As the technology is booming, complexity is increasing. To provide a solution for this Encryption platform has been designed because it meets the growing needs of the customers. It seems like, Salesforce is leaving no stone unturned in enhancing its security feature. As a result, after the provision of field-level security, it has introduced platform encryption which is a step forward in data protection.
Consequently, Platform Encryption upgrades the security level in encrypting the sensitive data using the provided keys or your own keys. Besides this, there is one thing to keep in mind that this functionality is not at the disposal of every customer. Above all, Platform security is to meet the precise needs of customer compliance and other predetermined obligations.
How does Shield Platform Encryption work With Data Security?
Let’s take a deep dive into how Shield Platform Encryption works with an example. Suppose for the reason that a user has an account record and a particular field say SSID which is encrypted. Salesforce will determine if there are fields that need to be encrypted. Most importantly, If there are encrypted keys present then we will check for data encryption keys from the cache layer. The cache layer plays an important role because it is the storehouse of all the data encrypted keys.
Besides that, a user is already in a secured system then it is not mandatory to generate the keys again and again. It seems like there are two cases that arise: First of all if the key is available then it will use the encryption key. Also, if there is no encryption key available then a request will be sent to create a new encryption key. Therefore, if all the conditions are met data is encrypted.
Above all, Salesforce provides its services in a multitenant cloud.
Here, is a list of some of the data stored in the cloud because it can be encrypted in Salesforce with platform encryption:
|Files & Attachments||Custom Fields||Standard Fields|
|· File attached to feeds
· Files attached to records
· File in the content, libraries and file apps.
· Files managed with Salesforce File Sync
· Email attachments
· Text Area
· (Long) text area
|On the Account object:
· Account name, Description, Fax, Phone
· First, middle, last name
· Phone, Home Phone, Mobile, and another phone on the Case object.
Best Practices to Keep in Mind
- First of all, Encrypt only when necessary.
- Furthermore, strategize to back-up data and keys.
- Also, Understand that encryption applies to all users.
- Above all, the Testing of shield platform encryption in the sandbox.
- Finally, Encryption of mass existing data.
Consequently, I hope that the roundup of some of the dynamic features of Salesforce Shield proves to be beneficial. Most importantly, in my upcoming post, I will highlight more on diverse aspects of data privacy, real-world scenario, and the Salesforce Data Security Model. Till then, keep learning Salesforce.