Industries requiring strict compliance regulations can now use Salesforce Shield to help secure their data within Salesforce. Although Salesforce offers endless possibilities with its customizable multi-tenant environment, for financial services and healthcare industries it can be a daunting task securing data to meet compliance requirements.
Whether you’re an administrator responsible for managing HIPAA compliance for a healthcare company or a developer customizing the platform for a financial services firm, both will be faced with many challenges trying to maintain the security of data that meets industry’s demands.
To meet the increasing regulatory requirements for many of its customers, Salesforce developed a new security feature called Salesforce Shield. A Salesforce Shield implementation offers companies the ability to secure, track and monitor data that’s easy to set up and ensures the governance required for companies with the most strict compliance regulations.
Salesforce Shield is comprised of 3 components – Platform Encryption, Field Audit Trail and Event Monitoring. Let’s take a look at each component’s features and the benefits they provided:
Platform Encryption
Seamlessly Protect Data At Rest
- Encrypt Standard and Custom fields, Files & Attachments
- Allows company or user to easily encrypt data with very little setup
- Allows for standard functionality and additional customization to not affect what’s been encrypted
- Protect against unauthorized data access
- In the unlikely event that someone got access to SF servers they would not have access to encrypted text through SF shield
Natively Integrated with Salesforce features
- E.G, Search, Chatter, Lookup’s – All work with encrypted data
Customer Managed Keys
- Customer-Driven encryption key life-cycle management
- Based on a derived key architecture
- Different bits of seeding information that generates the key
- When the key is created its only generated in memory
- Company’s can chose how to manage the key
- Company can import, export, destroy or generate new key at any time
- Customer is given complete control over the life cycle of the key
Field Audit Trail
We often forget what it is exactly that we are trying to secure and protect. Not only do we need to provide security for unauthorized access of data, we also must protect the integrity of our data. Meaning – we need to ensure that the data we have collected and stored is accurate and remains correct. Field Audit trail was specifically designed to ensure the integrity of data.
Ensure Data Is Accurate, Complete & Reliable
- Answer the who, what, when of data changes
Establish Data Retention Policies
- Comply with internal and industry regulations (HIPAA, PHI, SOX Audit)
Track & Access Data At Scale
- Big data back-end for more fields for longer retention
- Track up to 60 fields for a single object
Event Monitoring
Monitor User Activity
- Know who is accessing your data and from where
Optimize performance
- Troubleshoot application performance to improve end user performance
Track Application Usage
- Understand application usage to increase adoption
Monitoring Adoption
- Keep track of how your users are adopting new features built out in Salesforce
- What customization’s have been successful and which have not
- Help drive a proactive approach towards how your spending money for additional customization(s)
Event monitoring can keep track of every users activities on the platform. What files are downloaded, reports extracted, login time and location, etc. Everything is tracked within a single user dashboard and in one location.
Whether you’re a company facing challenges from growing regulatory compliance or a company looking to simplify the way you monitor and secure data, Salesforce Shield offers the tools to enable you to provide better security. For more information on how Salesforce Shield can benefit your business to get started with Salesforce Shield implementation contact Cirrius Solutions.