RevCult is now OwnBackup Secure! In 2021, OwnBackup acquired RevCult, enhancing the cloud data protection platform with proactive data security. With OwnBackup Secure, you will strengthen security posture by understanding data exposure risks and proactively taking action to protect and secure your data -- all within Salesforce.
Your organization has just acquired a great solution to encrypt the data stored within Salesforce - Shield Platform Encryption. Okay, so now what?
Now is the time to partner with your Salesforce Admin/Developer and help them understand what’s necessary to be secured from a regulatory/compliance perspective. But before you start, it's important to know where they're coming from. Their top priorities are:
Admins/Developers may have concerns that encryption is overly complicated or could slow down the business. Therefore, it’s helpful to illustrate the importance of encryption from a business impact perspective by explaining:
Once you're both on the same page, how do you make sure you’re secure AND keeping the system moving at the pace of business?
Determine what type of data is being stored, where it’s located and what needs to be encrypted with a Data Classification exercise. Work with the Salesforce Admin/Developer to review your environment and identify which fields should be encrypted based on the data stored, your industry, and other internal or regulatory requirements. Bucket your data into different categories from highly sensitive customer data to data that may be freely disclosed with the public. For example, you could classify by:
Once you’ve categorized the data, select the fields you wish to encrypt to help guide the rest of the Platform Encryption implementation.
Tips for the InfoSec team:
Next, your Salesforce Admin/Development team will need to identify and evaluate the potential effects encrypting certain data will have on the business by performing a Businesses Impact Assessment.
First, they’ll evaluate all the fields you’d like to encrypt at rest and understand how they’re used in business processes / org configuration to determine what might happen if you were to encrypt the data with Salesforce Shield Platform Encryption. They’ll need to check all of the formula fields, reports, list views and Apex code to find any possible breakage. These rules change from time to time as Salesforce is working hard to reduce the limitations of Platform Encryption, so be sure to consult the latest Platform Encryption Implementation Guide for the latest and greatest rule set. If this sounds complex and time-consuming – it definitely can be!
Next, discuss mitigation steps and determine whether security concerns outweigh business impact or vice versa. For example, you may decide certain reports are needed, code needs to be rewritten and a formula field is essential to keep. Your admin might use our Platform Encryption Implementation checklist to better understand which fields you can encrypt and how to avoid unexpected business impact.
As you’ll see from the checklist, Salesforce has a large (ever-evolving) set of rules that makes this process very time consuming. After conducting many implementations and ongoing PE maintenance for clients, we decided to build a solution – OwnBackup Secure for Shield. Our app simplifies the data classification and business impact analysis process, making understanding the impacts of encrypting Salesforce data a piece of cake (see demo videos below)!
Tip #3: Don't rush. Deciding whether or not to encrypt a certain field can be a big decision. Give your Salesforce experts enough time so they don’t overlook a negative downstream impact to the business.
And you’re done… for now. As your specific implementation of Salesforce evolves (and so does the Salesforce platform itself), make sure you continuously monitor and update your Shield Platform Encryption configuration to ensure regulatory compliance.
Interested in learning more? Request a free Guided Risk Assessment for Salesforce today, or schedule a demo below.
As the #1 SaaS data protection platform for Salesforce, OwnBackup enables daily, automated backup and rapid recovery of Salesforce data and metadata with no storage limits. With tools to survey changes to an object, filter just unwanted data changes, and restore at the field level, we help customers quickly and easily restore accurate data.
For a side-by-side comparison of OwnBackup Recover and the Weekly Export, check out our infographic here.