Industries requiring strict compliance regulations can now use Salesforce Shield to help secure their data within Salesforce.  Although Salesforce offers endless possibilities with its customizable multi-tenant environment, for financial services and healthcare industries it can be a daunting task securing data to meet compliance requirements.

Whether you’re an administrator  responsible for managing HIPAA compliance for a healthcare company or a developer customizing the platform for a financial services firm, both will be faced with many challenges trying to maintain the security of data that meets industry’s demands.

To meet the increasing regulatory requirements for many of its customers, Salesforce developed a new security feature called Salesforce Shield.  A Salesforce Shield implementation offers companies the ability to secure, track and monitor data that’s easy to set up and ensures the governance required for companies with the most strict compliance regulations.

Salesforce Shield is comprised of 3 components – Platform Encryption, Field Audit Trail and Event Monitoring. Let’s take a look at each component’s features and the benefits they provided:

Salesforce Shield Implementation

Who’s Looking at Your Data?

Platform Encryption

Seamlessly Protect Data At Rest

  • Encrypt Standard and Custom fields, Files & Attachments
    • Allows company or user to easily encrypt data with very little setup
    • Allows for standard functionality and additional customization to not affect what’s been encrypted
    • Protect against unauthorized data access
      • In the unlikely event that someone got access to SF servers they would not have access to encrypted text through SF shield

Natively Integrated with Salesforce features

  • E.G, Search, Chatter, Lookup’s – All work with encrypted data

Customer Managed Keys

  • Customer-Driven encryption key life-cycle management
  • Based on a derived key architecture
    • Different bits of seeding information that generates the key
    • When the key is created its only generated in memory
    • Company’s can chose how to manage the key 
    • Company can import, export, destroy or generate new key at any time
    • Customer is given complete control over the life cycle of the key


Field Audit Trail

We often forget what it is exactly that we are trying to secure and protect. Not only do we need to provide security for unauthorized access of data, we also must protect the integrity of our data. Meaning – we need to ensure that the data we have collected and stored is accurate and remains correct. Field Audit trail was specifically designed to ensure the integrity of data.

Ensure Data Is Accurate, Complete & Reliable

  • Answer the who, what, when of data changes

Establish Data Retention Policies

  • Comply with internal and industry regulations (HIPAA, PHI, SOX Audit)

Track & Access Data At Scale

  • Big data back-end for more fields for longer retention
  • Track up to 60 fields for a single object


Event Monitoring

Monitor User Activity

  • Know who is accessing your data and from where

Optimize performance

  • Troubleshoot application performance to improve end user performance

Track Application Usage

  • Understand application usage to increase adoption

Monitoring Adoption

  • Keep track of how your users are adopting new features built out in Salesforce
  • What customization’s have been successful and which have not
  • Help drive a proactive approach towards how your spending money for additional customization(s)

Event monitoring can keep track of every users activities on the platform. What files are downloaded, reports extracted, login time and location, etc. Everything is tracked within a single user dashboard and in one location.

Whether you’re a company facing challenges from growing regulatory compliance or a company looking to simplify the way you monitor and secure data, Salesforce Shield offers the tools to enable you to provide better security. For more information on how Salesforce Shield can benefit your business to get started with Salesforce Shield implementation contact Cirrius Solutions.