1. Platform Encryption for ISVs
Partner Webinar 23-Feb 2016
Assaf Ben-Gur - Platform Encryption PM
Platform Encryption TE Expert Team:
Daniel Jallais
Marco Kuster
Warren Chen
2. Safe Harbor
Safe harbor statement under the Private Securities Litigation Reform Act of 1995:
This presentation may contain forward-looking statements that involve risks, uncertainties, and assumptions. If any such uncertainties materialize or
if any of the assumptions proves incorrect, the results of salesforce.com, inc. could differ materially from the results expressed or implied by the
forward-looking statements we make. All statements other than statements of historical fact could be deemed forward-looking, including any
projections of product or service availability, subscriber growth, earnings, revenues, or other financial items and any statements regarding strategies
or plans of management for future operations, statements of belief, any statements concerning new, planned, or upgraded services or technology
developments and customer contracts or use of our services.
The risks and uncertainties referred to above include – but are not limited to – risks associated with developing and delivering new functionality for
our service, new products and services, our new business model, our past operating losses, possible fluctuations in our operating results and rate of
growth, interruptions or delays in our Web hosting, breach of our security measures, the outcome of any litigation, risks associated with completed
and any possible mergers and acquisitions, the immature market in which we operate, our relatively limited operating history, our ability to expand,
retain, and motivate our employees and manage our growth, new releases of our service and successful customer deployment, our limited history
reselling non-salesforce.com products, and utilization and selling to larger enterprise customers. Further information on potential factors that could
affect the financial results of salesforce.com, inc. is included in our annual report on Form 10-K for the most recent fiscal year and in our quarterly
report on Form 10-Q for the most recent fiscal quarter. These documents and others containing important disclosures are available on the SEC
Filings section of the Investor Information section of our Web site.
Any unreleased services or features referenced in this or other presentations, press releases or public statements are not currently available and may
not be delivered on time or at all. Customers who purchase our services should make the purchase decisions based upon features that are currently
available. Salesforce.com, inc. assumes no obligation and does not intend to update these forward-looking statements.
3. Agenda
- Introduction / Warren
- What is Platform Encryption / Assaf
- Roadmap / Assaf
- Ensuring ISV Encryption Readiness / Daniel
- Demo, how to set PE on an org and potential errors with packages / Marco
- Next Steps / Daniel
- Q&A
5. Introduction
Platform Encryption
- One of our most successful products, ever: In use today by many of our largest brands
- Customers can encrypt many Standard fields, incl. within Communities (Spring ‘16)
- Support for Managed Package fields coming in Summer ‘16
Impact for ISVs:
- Platform Encryption breaks some core functionality, including some likely used by ISVs
- Not supporting PE can result in lost business if customer decides to not use the ISV app
Actions from ISVs:
- Test their app with Platform Encryption; understand if changes are required
- Decide if they want to invest in supporting PE or not, being aware of business risks
- Adapt their packages, if necessary
8. What is Platform Encryption?
The App Cloud platform features and supporting infrastructure
that enable customers to easily and securely encrypt data at
rest in Salesforce while preserving critical business
functionality.
9. Architecture Overview
Encrypted Fields Encrypted Files
AES 256
DATA
Database File Storage
FF
X
Database File Storage
FF
X
Database File Storage
FF
X
Database File Storage
FF
Key Derivation
Server
Embedded HSM
Key Derivation
Server
Embedded HSM
Key Derivation
Server
Embedded HSM
Key Derivation
Server
Embedded
HSM
10. Key Capabilities
Turn encryption on custom field types,
declaratively or via the MDAPI
While data is strongly encrypted at
rest, field length is not affected
Manage organization encryption keys declaratively
via the Setup UI or API, including Generate, Rotate,
Export, re-Import and Destroy Keys
Text
Text Area
Text Area (Long)
Email
Phone
URL
Turn encryption on standard fields,
declaratively or via the MDAPI
Search encrypted data via
Global Search, S1 and
SOSL
Files and Attachments can be encrypted
while at rest in just one-click
11. Platform Encryption Use Cases
Facilitates
● Regulatory Compliance
● Unauthorized Access to Database
● Contractual Obligations
● PII & Data privacy
Does NOT replace
● Sharing Model
● Object/Field Level Security
● Data Residency Solution
● Encryption for Non-Salesforce Data
● Protection against Social Engineering
12. Proper Encryption Impacts Functionality
Not possible to reference encrypted fields:
● In SOQL WHERE clause
● In SOQL ORDER BY clause
● In SOQL GROUP BY clause
Feature limited with encrypted fields:
● Filtering in reports & list views (works in WF rules)
Key ISV impacts for referring encrypted fields using these unsupported functions
1. Package install/upgrade will fail
2. Field encryption will fail if a package reference that field using unsupported functions
Workarounds arepublished
● In Formula fields (roadmap)
● As External lD or Unique
● Sharing Rules [Filtering]
14. Summer ’16
(~Jun ‘16)
Allow encryption on
Managed custom fields,
Subscriber control (540+
points)
Winter ’17
(DF ’16 / Oct ‘16)
Policy-driven encryption:
- Blacklisting Manage
Custom fields by default
- Blacklisting/Whitelisting
custom and/or standard
fields, Developer Control
Planned ISV Features (Forward-Looking Statement)
Summer ’15
(Jun ‘15)
DF ’16
Highlight
Spring ’16
(~ Feb ‘16)
Execute Describe calls
querying encrypted fields
in non-Platform Encryption
orgs
(Field.Encrypted? Right,
Left otherwise)
Platform Encryption GA
API Accessible
Encryption/Decryption is
transparent, tied to FLS
And many more just works
seamlessly..
16. 71% of Customers Installed 1+ App
Pre-integrated apps help customers move faster
25% of customers installed 3+ apps
Over 2,700 apps
3.5 Million installs
18. What’s in it for me?
Why should we invest in being encryption-ready?
The world is changing
Encryption at rest becomes a requirement.
Likely to become a standard like SSL/TLS is today.
Be encryption-ready
- to position your app ahead of the industry,
- to reveal new opportunities,
- to get a major key differentiator
Big customers. Big Money.
19. What to do?
Measure functional impact if a given field is encrypted and ...
Used in... Replace by... Check...
Report/Listviews with Filter/
Sorting
VF pages
No report
Usability impact
Customer’s Value
SOQL Where Clause/Filters SOSL search App efficiency
SOQL Order by/Sorting Apex code ordering/sorting App efficiency
Filtering in sharing rules Apex sharing rule
Formula (roadmap) Workflow field update
Apex code
Schema impact
Schema impact + Customisability
Dynamic SOQL N/A Runtime Execution
Managed Custom Field N/A Summer’16 [safe harbor]
20. Org with PE
Install package
Load data
Successful
Installation?
Test application
Dynamic SOQL?
Identify and change
if needed
Encrypt ALL std
fields & files
Update package
Field meaningful
to encrypt?
Un-encrypt field*
Still errors ?
Correct or
Un-encrypt field*
Update Your Listing
next error
all errors managed
yesno
yesno
yesno
yesno
How to test an application? (by
the ISV)
Start
End
for every error
*Un-encrypt field: worst case scenario where ISV
decides to NOT support this field being encrypted, so
will limit / reduce capabilities to customers.
21. Delivering Platform Encryption support to your customer
1 package fits all - Allow any customers to encrypt
● Update your package
• Implement workarounds
• Use of Dynamic SOQL combined with Describe isEncrypted Field
● Update your customers
22. “Platform Encryption Ready” applications
What is it?
- A new filter in the appexchange for DF’16 (Safe Harbor)
- ISV partner sentence “Tested for Platform Encryption” under the
App Description and/or under Other Requirements
Who is responsible?
- Under the ISV Partner responsibility
What about Security Review team?
- ISV Partner to document usage of Dynamic SOQL in the context
of Platform Encryption to facilitate SR team audit.
- Apex code to check if current user has ‘View Encrypted Data’
enabled similar to CRUD/FLS
- Checkmarx Scanner not able to identify Platform encryption error
23. ISV Impact
Positive revenue impacts
Salesforce Shield is made of 3 components that you can sell individually or all bundled together.
● Platform Encryption
● Event Monitoring
● Field Audit Trail
*All Pricing are based on PNR
Revenue and Direct Sales RISKS
Customer can decide to NOT buy or uninstall if Platform Encryption is not supported by your App.
Ensure Direct Sales will think “Platform Encryption is fully supported by any ISV Solution”
24. Demo
how to set PE on an org and
potential errors with packages
26. Next steps
Check your application(s) against Platform Encryption
Now
Decide to leverage Platform Encryption
Start thinking about encrypting your package’s fields.
Platform Encryption page on partner community
Available after the webinar
Will contain all information, FAQ, code examples,etc.
Partner community Chatter group: Platform Encryption for ISVs
To ask questions
https://partners.salesforce.com/_ui/core/chatter/groups/GroupProfilePage?g=0F930000000PbFT
31. Enable full Platform Encryption
Start from a new Dev org (https://developer.salesforce.com/signup )
Or open a ticket to get it enable on pre-existing Org
To turn on encryption:
1. https://developer.salesforce.com/signup to get a new org.
2. Grant Manage Encryption Keys to the Encryption Admin (spring’16): Permission Set or Profile
3. Go to Setup and search for ‘Encrypt’
4. Click on Platform Encryption
5. Click on Generate Tenant Secret button
6. Click on Encrypted Fields
7. Click on Edit
8. Select all possible fields and Save
9. Click on Back to Platform Encryption
10. Enable Files and Attachments encryption
11. Click on Save to save your choice
12. Update existing data or upload new data so that the crypto service will kick in and encrypt it
13. Grant View Encryption Data to users
34. Building/Updating Apps with Platform Encryption
workarounds: https://developer.salesforce.com/events/webinars/platform_encryption
* Formula fields on the long term roadmap
Instead of …
SOQL Where Clauses/Filters
SOQL Order By/Sorting/Group By
Formula Fields*
Sharing Rules (filtering)
Use this Feature …
SOSL Search + Find
Sort in Apex
Workflow/Apex trigger
Apex + Apex sharing rules
35. Encryptable standard fields
In Spring’16
On the Account object:
Account Name, Fax, Website, Phone
On the Contact object:
Description, Email, Fax, Home Phone, Mailing Address (Encrypts only Mailing Street and Mailing City),
Mobile, Name (Encrypts First Name, Middle Name, and Last Name), Other Phone, Phone
On the Case object:
Subject, Description
On Case Comments:
Body