Salesforce’s Shield Set to Fortify Cloud Security- While Solving Compliance Issues

Salesforce has made an important announcement on Monday, unfurling a set of data governance services optimized for Salesforce applications. Addressing the common issue cited in many adoption studies- in which security concerns are cited as the main inhibitor to enterprise take-up, the new development has broad implications for how compliance will be managed in the cloud era. The aptly named Salesforce Shield gives its users access to encryption, audit trail and event monitoring services that are tightly integrated with individual customer records within both Salesforce applications and any third-party application provider that makes use of Salesforce application programming interfaces (APIs) to tap into those records. CTO of Salesforce partner Conga, Michael Markham, said that as businesses need “a holistic way of managing and tracking that data”, as more and more data is moved to the cloud. “Salesforce Shield lets customers manage their data across apps in the Salesforce ecosystem without having to build or buy additional point solutions for each app.” He added.

As Salesforce’s main appeal is its slickness and accessibility, you might be asking yourself how these new features fit in to the bigger picture. Well here’s how:

Salesforce was quick to note that the Platform Encryption feature, for example, was designed to preserve important business functionality, while allowing businesses to encrypt their most sensitive data- such as search and workflow. Salesforce provides the example of a healthcare insurance company which can manage personally identifiable and protected health information, without compromising the ability of customer service agents to search, view, modify or run workflows and other key functions using that data. Other features, such as Field Audit Trail, allow customers to track changes at the field level for up to ten years and set different policies for each Salesforce object to ensure data is purged when no longer needed, and Event Monitoring lets IT organizations see which users are logging into Salesforce, what information they are accessing, from where, and through what channel. This way, according to Salesforce, wealth management firms for example can use Event Monitoring to determine whether financial advisors are capturing the right client data in Salesforce. Also announced in the press release was Data Archive, a feature set to be released next year that allows customers to store long-lived business data in the Salesforce1 Platform- an ideal feature for companies\organizations that are required to store decades of data- patient data, as required by law from hospitals for example. The said patient data could be transferred into near-line storage and access it via simple queries when necessary.  
Amanda is the Lead Author & Editor of Rainforce Blog. Amanda established the Rainforce blog to create a source for news and discussion about some of the issues, challenges, news, and ideas relating to Salesforce usage.