RevCult is now OwnBackup Secure! In 2021, OwnBackup acquired RevCult, enhancing the cloud data protection platform with proactive data security. With OwnBackup Secure, you will strengthen security posture by understanding data exposure risks and proactively taking action to protect and secure your data—all within Salesforce.
Salesforce Shield is a popular solution for many of our clients in highly regulated industries concerned about data encryption and security (for example, healthcare, financial services, and government).
One of Shield’s core services, Platform Encryption, encrypts sensitive data at rest while preserving business application functionality (search, etc.). Salesforce delivers amazing product innovations on an ongoing basis, with three major releases per year that fully preserve existing functionality while enhancing the Shield feature set.
Although there are always discussions around the initial implementation of Platform Encryption, however, what about ongoing maintenance to ensure regulatory compliance? Here are three reasons why you should continuously monitor and update your Shield Platform Encryption configuration, even with seamless upgrades from Salesforce:
We all know your organization is always changing. Admins and developers are adding new fields, new reports, new list views, and implementing new features all the time. How do you ensure you're in compliance with your information security team’s security needs?
As Salesforce continues to evolve the Shield Platform Encryption offering, we are seeing a trend of easing the rules that might have previously been a barrier to encryption.
There may be fields you wanted to encrypt previously but couldn’t—and with the new rule changes, you might be able to. However, you won't know this until you re-evaluate your compliance needs regarding Shield Platform Encryption.
No matter what your compliance needs are, there's always an audit cycle—whether it’s quarterly, annually, or semiannually. Auditors are always going to come back, and they’ll want to see evidence of how you supported your compliance over time. To date, there's only one tool to give you easy access to know what fields are encrypted across your organization: Secure for Shield.
In conclusion, keep in mind that your implementation of Salesforce Shield Platform Encryption is the beginning, not the end, of your efforts to secure your data in the cloud. You will want to develop an ongoing plan to keep up with changes (both yours and Salesforce’s) and review your implementation on a regular basis to record the state of your instance at points in time.
We've developed tools to help with this as Shield Platform Encryption has evolved over the years. Feel free to reach out if you need any assistance putting a plan into action for your organization.
Interested in learning more? Request a free Guided Risk Assessment for Salesforce today, or schedule a demo below.