Encryption in Salesforce

When we talk about Encryption in Salesforce, There are typically three kinds of encryption you may need to secure your data:

  • Encription at rest
  • Encription during transit
  • Encription during usuage

Here we will be going to talk about Encryption at rest which is provided by Salesforce Shield which provided 3 products:

  • Event Monitoring
  • Field Audit Trail
  • Encryption

Encryption

Protect data at rest – Encrypt standard & custom fields, files & attachments

Natively to Salesforce features like Search, Chatter, Relationship work with encrypted data

Bring your Own Key: Customer can manage keys, Customer-driven encryption key lifecycle management

Salesforce Shield

Find more details at https://developer.salesforce.com/docs/atlas.en-us.securityImplGuide.meta/securityImplGuide/salesforce_shield.htm

There are two types of Shield Encryption: Deterministic & Probabilistic. Deterministic encryption is for the field which you need in the where clause in a query but the Probabilistic type ensures extra security than the Deterministic type.

Don’t get confused between Classic encryption and Shield platform encryption, Classic encryption is also provided on top of platform with no cost but it doesn’t support Standard field, File, also it provides 128 bit AES and user access to encryption filed is managed by permission set

Leave a comment

Your email address will not be published. Required fields are marked *