SlideShare a Scribd company logo

Introducing salesforce shield - Paris Salesforce Developer Group - Oct 15

Paris Salesforce Developer Group
Paris Salesforce Developer Group

The document introduces Salesforce Shield, which provides new services to help customers build trusted applications securely and fast. It describes the analytics and actions capabilities of Event Monitoring within Salesforce Shield. Event Monitoring allows customers to gain visibility into user actions, generate security policies from analytics, and automate real-time actions from those policies. An example is provided around limiting concurrent login sessions using Event Monitoring's analytics to understand login behaviors and its actions to enforce session constraints.

1 of 42
Download to read offline
Introducing: Salesforce Shield The fastest way to build trusted apps ​ 
Safe harbor statement under the Private Securities Litigation Reform Act of 1995: This presentation may contain forward-looking statements that involve risks, uncertainties, and assumptions. If any such uncertainties materialize or if any of the assumptions proves incorrect, the results of salesforce.com, inc. could differ materially from the results expressed or implied by the forward-looking statements we make. All statements other than statements of historical fact could be deemed forward-looking, including any projections of product or service availability, subscriber growth, earnings, revenues, or other financial items and any statements regarding strategies or plans of management for future operations, statements of belief, any statements concerning new, planned, or upgraded services or technology developments and customer contracts or use of our services. The risks and uncertainties referred to above include – but are not limited to – risks associated with developing and delivering new functionality for our service, new products and services, our new business model, our past operating losses, possible fluctuations in our operating results and rate of growth, interruptions or delays in our Web hosting, breach of our security measures, the outcome of any litigation, risks associated with completed and any possible mergers and acquisitions, the immature market in which we operate, our relatively limited operating history, our ability to expand, retain, and motivate our employees and manage our growth, new releases of our service and successful customer deployment, our limited history reselling non-salesforce.com products, and utilization and selling to larger enterprise customers. Further information on potential factors that could affect the financial results of salesforce.com, inc. is included in our annual report on Form 10-K for the most recent fiscal year and in our quarterly report on Form 10-Q for the most recent fiscal quarter. These documents and others containing important disclosures are available on the SEC Filings section of the Investor Information section of our Web site. Any unreleased services or features referenced in this or other presentations, press releases or public statements are not currently available and may not be delivered on time or at all. Customers who purchase our services should make the purchase decisions based upon features that are currently available. Salesforce.com, inc. assumes no obligation and does not intend to update these forward-looking statements. Safe Harbor
SNA Terminal Mainframe LAN / WAN Client Server LAN / WAN Client Server Cloud Mobile Social Data Science Thousands customer interactions connected thingsBillions TrillionsMillions The app revolution is opening up a world of innovation for businesses
Apps are generating more customer data than ever before Apps Financial Data Health Data Location Data 90% of the world’s data created in the last 12 months
World’s Most Trusted Enterprise Cloud Trust is our #1 value Five Elements of Trust Transparency Always on availability Performance at scale Global data centers Enterprise compliance Q1 Transactions 211B+ Customers 150k Apps 2M+
Salesforce Trust Services Infrastructure Services AnalyticsCommunityMarketingServiceSales Apps Network Services Application Services Secure Data Centers Backup and Disaster Recovery 47 Major Releases HTTPS Encryption Penetration Testing Advanced Threat Detection Identity & Single Sign On Two Factor Authentication User Roles & Permissions Field & Row Level Security Secure Firewalls Real-time replication Password Policies Third Party Certifications IP Login Restrictions Customer Audits 150,000+ customers 2,000,000+ apps Sixteen years of innovation on the world’s most trusted cloud
Introducing: Salesforce Shield Infrastructure Services Network Services Application Services Secure Data Centers Backup and Disaster Recovery HTTPS Encryption Penetration Testing Advanced Threat Detection Identity & Single Sign On Two Factor Authentication User Roles & Permissions Field & Row Level Security Secure Firewalls Real-time replication Password Policies Third Party Certifications IP Login Restrictions Customer Audits Salesforce Shield Platform Encryption Event Monitoring Field Audit Trail New services to help you build trusted apps fast
​ Monitor User Activity ​ Know who is accessing data from where Optimize Performance ​ Troubleshoot application performance to improve end user experience ​ Track Application Usage ​ Understand application usage to increase adoption Gain Visibility Into User Actions with Event Monitoring
Retain Field History for Up to 10 Years with Field Audit Trail ​ Establish Data Retention Policies ​ Know the state and value of data at any time Access Retained Data at Scale ​ Normalize on big data back-end for performance ​ Comply with Industry Regulations ​ Secure data archive with the highest trust standards
Encrypt Sensitive Data While Preserving Business Functionality ​ Seamlessly protect data at rest ​ Encrypt standard & custom fields, files & attachments ​  Natively integrated with key Salesforce features ​ E.g., Search, Chatter, Lookups work with encrypted data ​ Customer managed keys ​ Customer-driven encryption key lifecycle management
Salesforce Shield New services to help you build trusted apps fast EncryptAuditMonitor Platform EncryptionField Audit TrailEvent Monitoring
Salesforce Shield The Event Monitoring Story
Auditing, Analytics and Actions at a Glance Audit Fields Login History Setup Audit Trail Field History Tracking Field Audit Trail Event Monitoring Purpose Track who created or last modified a record user and time Track end-user logins and login attempts (e.g. failures) Track Administrative changes in setup like escalation of privileges or creation of new fields Track state changes at the field level Analysis: Track a variety of server interactions including report exports, page views, and document downloads Action: Automate actionable security policies such as limiting data export or notifying on concurrent login sessions Example Adam Torman modified the Acme account earlier today Adam Torman logged in using Chrome v 42.0 on Mac OSX Permission set Modify All Data assigned to user Adam Torman Adam Torman changed the Case status from Open to Closed Adam Torman clicked on Marc Benioff’s patient record and downloaded the customer list Jari Salomaa was prevented from logging into his iPad until he removed a previous login session Interface Record Detail UI and API Setup UI and API Setup UI and API Setup / Related List UI and API API (CSV download) + Wave Integration Setup UI [Profile or Sharing] Permission s Required *Read/Query requires sharing access to parent record Manage User permission *View Setup and Configuration permission Configure requires Customize Application permission *Read/Query requires sharing access to parent record *View Event Log Files permission AND * View Login Forensics Author Apex AND Customize Application Data Retention Policy Life of the record / 18 Months depending on org inception date 6 months FIFO 6 months FIFO 20 fields for 18 months 60 fields for 10 years Up to 30 days for Event Log Files and 10 years for Login Forensics N/A Pricing $0 $0 $0 $0 ** $add-on $0 - Login/Logout Event Log Files for 1 day ** $add-on - 29 log files for 30 days + Login Forensics + Transaction Security Online Audit Fields Login History Setup Audit Field History Field Audit Event Monitoring Transaction Security
What we are hearing from CISOs ​ 1. Visibility to user activity ​ Report on what users are doing and where policies are needed ​ 2. Generate security policies ​ Generate real-time actions such as notifications and proactive prevention ​ 3. Automate actions from policies ​ Fine-tune your application portfolio and business process ​ 4. Analyze, monitor results and audit ​ Fine-tune your security policies and provide audit trails for auditors
Two halves of the same solution ​  Analytics ​  Actions
Policy Generation Event Capture Historical Analytics Real Time Actions Cycle of SecurityHistorical Logs User Segmentation Real-time Analytics Audit Event Generation Policy Deployment Policy Design Policy Customization ​ Analytics ​ Actions Policy Design Policy EnforcementData Capture and Management Reporting and Audit
Analytics For Event Monitoring ​ Support ​ Provide better, data-driven support for your end users ​ Audit ​ Track your user’s activities ​ Optimize ​ Fine-tune your application portfolio and business process
Actions For Event Monitoring ​ Customizable Apex Policies ​ Framework auto-generated policies ​ Define Real Time Actions ​ Notify, Block, Force 2FA, Session Chooser ​ Enforce Session Constraints ​ Control the number of active user sessions
An Example Concurrent Log Sessions
Problem set: Concurrent Login Sessions ●  Users should not be logged in to more than ‘n’ sessions ●  Limit the number of concurrent sessions to reduce risk with malicious activities ○  FedRamp requirement ●  Security policy should understand who will be impacted and prompt the user to remove previous sessions that no longer apply
Policy Generation Event Capture Historical Analytics Real Time Actions Cycle of SecurityHistorical Logs User Segmentation Real-time Analytics Audit Event Generation Policy Deployment Policy Design Policy Customization ​ Analytics ​ Actions Policy Design Policy EnforcementData Capture and Management Reporting and Audit
Analyze current login behaviors using analytics Track login trends and ask questions: ●  Who will be impacted if you create a policy based on Profile, Role, User, etc…? ●  What integrations may break? ●  How are user’s logging in - S1 Mobile, Web Browser, integrations? Policy Generation Event Capture Historical Analytics Real Time Actions Cycle of Security Historical Logs User Segmentatio n Real-time Analytics Audit Event Generation Policy Deployme nt Policy Design Policy Customizatio n
Determine criteria for policy By Profile: ●  System Admin Profile >= 2 By Role: ●  East Coast Exec Role >=5 By User: ●  Adam Torman OR Jari Salomaa >=1 By Time: ●  Saturday OR Sundays >=1 Policy Generation Event Capture Historical Analytics Real Time Actions Cycle of Security Historical Logs User Segmentatio n Real-time Analytics Audit Event Generation Policy Deployme nt Policy Design Policy Customizatio n
Decide which actions to take Policy Generation Event Capture Historical Analytics Real Time Actions Cycle of Security Historical Logs User Segmentatio n Real-time Analytics Audit Event Generation Policy Deployme nt Policy Design Policy Customizatio n Determine actions to take: ●  None ●  Block ●  2FA ●  Session Chooser
Customize Apex policy and add criteria Customize the policy ●  Apply custom criteria such as Profiles, Roles, Users, etc… ●  Work closely with your developers to customize it for your design Policy Generation Event Capture Historical Analytics Real Time Actions Cycle of Security Historical Logs User Segmentatio n Real-time Analytics Audit Event Generation Policy Deployme nt Policy Design Policy Customizatio n
Deploy policy Deployment is as easy as selecting a checkbox on the policy Policy Generation Event Capture Historical Analytics Real Time Actions Cycle of Security Historical Logs User Segmentatio n Real-time Analytics Audit Event Generation Policy Deployme nt Policy Design Policy Customizatio n
Real-time action policy enforcement In real-time, users will be forced to take an action based on the criteria you created Policy Generation Event Capture Historical Analytics Real Time Actions Cycle of Security Historical Logs User Segmentatio n Real-time Analytics Audit Event Generation Policy Deployme nt Policy Design Policy Customizatio n
Analyze policy enforcement and Audit Track how many 2FA or session chooser screens were selected. Policy Generation Event Capture Historical Analytics Real Time Actions Cycle of Security Historical Logs User Segmentatio n Real-time Analytics Audit Event Generation Policy Deployme nt Policy Design Policy Customizatio n
Salesforce Platform Encryption Strongly encrypt data at rest while preserving critical business functionality
​ Encrypt data at rest when it is stored on the App Cloud ​ Encrypt Standard & Custom Fields, Files, & Attachments ​ Customers manage their encryption keys on the App Cloud platform What Problems We Solve
Why It’s Unique Salesforce Platform Encryption Quickly and seamlessly protect sensitive data Setup takes minutes – no extra hardware or software Makes the App Cloud ‘encryption aware’ Salesforce1 Mobile-ready, natively
Salesforce Platform Encryption ​ Encryption Services ​ Standards based encryption built natively into the App Cloud Platform ​ AES encryption using 256bit keys ​ Layers seamlessly with other App Cloud security features ​ Key Management ​ Customer driven key lifecycle management ​ Uses secure derived keys that are never persisted in the App Cloud ​ Hardware Security Module based key management infrastructure ​ FIPS 140-2 compliant ​ Policy Management ​ Customer control over policy configuration ​ Select fields, files, and attachments to be encrypted ​ Encryption controlled with metadata to take complexity out of deployments ​ App Cloud Integration ​ Preserve important functionality like search and business rules ​ Built-in capabilities to iteratively add additional feature support ​ Features and Functionality Overview
Architecture Overview Encrypted Fields Encrypted Files AES 256 DATA Database File Storage FFX Database File Storage FFX Database File Storage FFX Database File Storage FFX Key Derivation Server Embedded HSM Key Derivation Server Embedded HSM Key Derivation Server Embedded HSM Key Derivation Server Embedded HSM
​ Keys and Secrets ​ Master Secret Master Wrapping Key ​ Master Salt Tenant Wrapping Key Keys and Secrets Key Derivation Server RSA Key Pair Hardware Security Modules ​ Key Management Components Master HSM Key Derivation Server Embedded HSM ​ Functions ​ Generates Per-Release Secrets and Keys ​ Encrypts Secrets and Keys for Secure Distribution ​ Air-gapped from Production Network Functions Unwraps Per-Release Secrets and Keys Generates and Encrypts Tenant Secret Performs Key Derivation
​ Generated once per release by Salesforce Security Officer using air-gapped Master HSM ​ Encrypted with the Master Wrapping Key and stored in Key Derivation Servers ​ Decryptable only by Key Derivation Server’s Private Key and the Master Wrapping Key ​ Org-specific secret generated, managed, and rotated by customers ​ Manage via Setup or SOAP API ​ Encrypted using the per-release Tenant Wrapping Key and stored in the database ​ Decryptable only by Key Derivation Server’s Private Key and Tenant Wrapping Key ​ Created by Key Derivation Servers via Password Based Key Derivation Function ​ Decrypts and combines Master and Tenant Secrets and Master Salt as input to PBKDF2 function ​ Output of KDF is an Org-specific Data Encryption Key used to encrypt customer field values and files ​ Derived keys are cached on the App Cloud platform Master Secret / Master Salt Tenant Secret Data Encryption Key Key Derivation ​ Creating Org-specific Data Encryption Keys
Deriving Data Encryption Keys Standards Based Key Derivation Function: PBDKF2 HMAC with SHA256 Runs 15,000 Iterations Outputs 256 bit length Data Encryption Key Tenant Secret 1 Password Based Key Derivation Function Data Encryption Key 1 Data Encryption Key 1 Cache Master Secret Summer ‘15 Summer ‘15 Master Salt Key Derivation Server Embedded HSM Key Derivation Server Embedded HSM Key Derivation Server Embedded HSM Key Derivation Server Embedded HSM
Customer Driven Key Lifecycle Derived Encryption Keys Are Never Persisted Create, Manage, and Rotate Keys Declarative & API Based Key Management Import and Export Tenant Secrets on Demand
Field Encryption Policies Customer Driven Encryption Policies Declarative or API Policy Configuration Supports Both Standard and Custom Fields Natively Integrated with the App Cloud Features
Standard Field Encryption and Search ​  Standard Field Encryption •  Account Name •  Contact First/Middle/Last Name •  Email •  Phone •  Home/Other Phone •  Mobile •  Fax •  Mailing Street & City •  Person Account fields •  Case Subject, Description •  Case Comments’ Body Search Fields and Files (via Desktop, Salesforce1 Mobile and SOSL)
Custom Field Encryption Custom Field Types •  Email •  Phone •  Text •  Text Area •  Text Area (Long) •  URL Enable with Metadata Encrypt Existing Fields
Chatter Files and Attachments Encryption Encrypt Content of Chatter Files Preview Encrypted Files File Content Search Encrypt Attachments
Thank you

Recommended

Salesforce Shield: How to Deliver a New Level of Trust and Security in the Cloud
Salesforce Shield: How to Deliver a New Level of Trust and Security in the CloudSalesforce Shield: How to Deliver a New Level of Trust and Security in the Cloud
Salesforce Shield: How to Deliver a New Level of Trust and Security in the Cloud
Dreamforce
 
Salesforce shield by manish
Salesforce shield by manishSalesforce shield by manish
Salesforce shield by manish
Manish Thaduri
 
Introduction to the Salesforce Security Model
Introduction to the Salesforce Security ModelIntroduction to the Salesforce Security Model
Introduction to the Salesforce Security Model
Salesforce Developers
 
Decluttering your Salesfroce org
Decluttering your Salesfroce orgDecluttering your Salesfroce org
Decluttering your Salesfroce org
Roy Gilad
 
Security and Your Salesforce Org
Security and Your Salesforce OrgSecurity and Your Salesforce Org
Security and Your Salesforce Org
Salesforce Admins
 
Introducing the Salesforce platform
Introducing the Salesforce platformIntroducing the Salesforce platform
Introducing the Salesforce platform
John Stevenson
 
Event Monitoring: Use Powerful Insights to Improve Performance and Security
Event Monitoring: Use Powerful Insights to Improve Performance and SecurityEvent Monitoring: Use Powerful Insights to Improve Performance and Security
Event Monitoring: Use Powerful Insights to Improve Performance and Security
Dreamforce
 
What Is Salesforce? | Salesforce Training - What Does Salesforce Do? | Salesf...
What Is Salesforce? | Salesforce Training - What Does Salesforce Do? | Salesf...What Is Salesforce? | Salesforce Training - What Does Salesforce Do? | Salesf...
What Is Salesforce? | Salesforce Training - What Does Salesforce Do? | Salesf...
Edureka!
 

Recommended

Salesforce Shield: How to Deliver a New Level of Trust and Security in the Cloud
Salesforce Shield: How to Deliver a New Level of Trust and Security in the CloudSalesforce Shield: How to Deliver a New Level of Trust and Security in the Cloud
Salesforce Shield: How to Deliver a New Level of Trust and Security in the Cloud
Dreamforce
 
Salesforce shield by manish
Salesforce shield by manishSalesforce shield by manish
Salesforce shield by manish
Manish Thaduri
 
Introduction to the Salesforce Security Model
Introduction to the Salesforce Security ModelIntroduction to the Salesforce Security Model
Introduction to the Salesforce Security Model
Salesforce Developers
 
Decluttering your Salesfroce org
Decluttering your Salesfroce orgDecluttering your Salesfroce org
Decluttering your Salesfroce org
Roy Gilad
 
Security and Your Salesforce Org
Security and Your Salesforce OrgSecurity and Your Salesforce Org
Security and Your Salesforce Org
Salesforce Admins
 
Introducing the Salesforce platform
Introducing the Salesforce platformIntroducing the Salesforce platform
Introducing the Salesforce platform
John Stevenson
 
Event Monitoring: Use Powerful Insights to Improve Performance and Security
Event Monitoring: Use Powerful Insights to Improve Performance and SecurityEvent Monitoring: Use Powerful Insights to Improve Performance and Security
Event Monitoring: Use Powerful Insights to Improve Performance and Security
Dreamforce
 
What Is Salesforce? | Salesforce Training - What Does Salesforce Do? | Salesf...
What Is Salesforce? | Salesforce Training - What Does Salesforce Do? | Salesf...What Is Salesforce? | Salesforce Training - What Does Salesforce Do? | Salesf...
What Is Salesforce? | Salesforce Training - What Does Salesforce Do? | Salesf...
Edureka!
 
Salesforce Security Review Tips and Tricks
Salesforce Security Review Tips and TricksSalesforce Security Review Tips and Tricks
Salesforce Security Review Tips and Tricks
Ryan Flood
 
Salesforce Intro
Salesforce IntroSalesforce Intro
Salesforce Intro
Rich Helton
 
Salesforce Overview For Beginners/Students
Salesforce Overview For Beginners/StudentsSalesforce Overview For Beginners/Students
Salesforce Overview For Beginners/Students
Sujesh Ramachandran
 
Salesforce Integration
Salesforce IntegrationSalesforce Integration
Salesforce Integration
Joshua Hoskins
 
Introduction to Salesforce Platform - Basic
Introduction to Salesforce Platform - BasicIntroduction to Salesforce Platform - Basic
Introduction to Salesforce Platform - Basic
sanskriti agarwal
 
Salesforce Org Health Check & Performance Testing
Salesforce Org Health Check & Performance TestingSalesforce Org Health Check & Performance Testing
Salesforce Org Health Check & Performance Testing
ImtiazBinMohiuddin
 
What Is Salesforce CRM? | Salesforce CRM Tutorial For Beginners | Salesforce ...
What Is Salesforce CRM? | Salesforce CRM Tutorial For Beginners | Salesforce ...What Is Salesforce CRM? | Salesforce CRM Tutorial For Beginners | Salesforce ...
What Is Salesforce CRM? | Salesforce CRM Tutorial For Beginners | Salesforce ...
Edureka!
 
Salesforce Presentation
Salesforce PresentationSalesforce Presentation
Salesforce Presentation
Chetna Purohit
 
Top Benefits of Salesforce in Business
Top Benefits of Salesforce in BusinessTop Benefits of Salesforce in Business
Top Benefits of Salesforce in Business
Fexle Services Pvt. Ltd.
 
Performing a successful technical debt assessment in Salesforce
Performing a successful technical debt assessment in SalesforcePerforming a successful technical debt assessment in Salesforce
Performing a successful technical debt assessment in Salesforce
Coforge (Erstwhile WHISHWORKS)
 
Champion Productivity with Service Cloud
Champion Productivity with Service CloudChampion Productivity with Service Cloud
Champion Productivity with Service Cloud
Salesforce Admins
 
Salesforce Training For Beginners | Salesforce Tutorial | Salesforce Training...
Salesforce Training For Beginners | Salesforce Tutorial | Salesforce Training...Salesforce Training For Beginners | Salesforce Tutorial | Salesforce Training...
Salesforce Training For Beginners | Salesforce Tutorial | Salesforce Training...
Edureka!
 
Integrating with salesforce
Integrating with salesforceIntegrating with salesforce
Integrating with salesforce
Mark Adcock
 
SFDC Organization Setup
SFDC Organization SetupSFDC Organization Setup
SFDC Organization Setup
Simeon Tzanev
 
Salesforce
SalesforceSalesforce
Salesforce
BharatSirvi8
 
Salesforce overview
Salesforce overviewSalesforce overview
Salesforce overview
Ratchata Ardchawuthikulawong
 
Introduction to Salesforce.com
Introduction to Salesforce.comIntroduction to Salesforce.com
Introduction to Salesforce.com
Edureka!
 
Introduction to Salesforce | Salesforce Tutorial for Beginners | Salesforce T...
Introduction to Salesforce | Salesforce Tutorial for Beginners | Salesforce T...Introduction to Salesforce | Salesforce Tutorial for Beginners | Salesforce T...
Introduction to Salesforce | Salesforce Tutorial for Beginners | Salesforce T...
Edureka!
 
Manage Development in Your Org with Salesforce Governance Framework
Manage Development in Your Org with Salesforce Governance FrameworkManage Development in Your Org with Salesforce Governance Framework
Manage Development in Your Org with Salesforce Governance Framework
Salesforce Developers
 
Deep dive into Salesforce Connected App
Deep dive into Salesforce Connected AppDeep dive into Salesforce Connected App
Deep dive into Salesforce Connected App
Dhanik Sahni
 
Dreamforce 15 - Platform Encryption for Developers
Dreamforce 15 - Platform Encryption for DevelopersDreamforce 15 - Platform Encryption for Developers
Dreamforce 15 - Platform Encryption for Developers
Peter Chittum
 
Helping Gamechangers Change the World - Introducing Salesforce1 for Nonprofits
Helping Gamechangers Change the World - Introducing Salesforce1 for Nonprofits Helping Gamechangers Change the World - Introducing Salesforce1 for Nonprofits
Helping Gamechangers Change the World - Introducing Salesforce1 for Nonprofits
Salesforce.org
 

More Related Content

What's hot

Salesforce Security Review Tips and Tricks
Salesforce Security Review Tips and TricksSalesforce Security Review Tips and Tricks
Salesforce Security Review Tips and Tricks
Ryan Flood
 
Salesforce Intro
Salesforce IntroSalesforce Intro
Salesforce Intro
Rich Helton
 
Salesforce Overview For Beginners/Students
Salesforce Overview For Beginners/StudentsSalesforce Overview For Beginners/Students
Salesforce Overview For Beginners/Students
Sujesh Ramachandran
 
Salesforce Integration
Salesforce IntegrationSalesforce Integration
Salesforce Integration
Joshua Hoskins
 
Introduction to Salesforce Platform - Basic
Introduction to Salesforce Platform - BasicIntroduction to Salesforce Platform - Basic
Introduction to Salesforce Platform - Basic
sanskriti agarwal
 
Salesforce Org Health Check & Performance Testing
Salesforce Org Health Check & Performance TestingSalesforce Org Health Check & Performance Testing
Salesforce Org Health Check & Performance Testing
ImtiazBinMohiuddin
 
What Is Salesforce CRM? | Salesforce CRM Tutorial For Beginners | Salesforce ...
What Is Salesforce CRM? | Salesforce CRM Tutorial For Beginners | Salesforce ...What Is Salesforce CRM? | Salesforce CRM Tutorial For Beginners | Salesforce ...
What Is Salesforce CRM? | Salesforce CRM Tutorial For Beginners | Salesforce ...
Edureka!
 
Salesforce Presentation
Salesforce PresentationSalesforce Presentation
Salesforce Presentation
Chetna Purohit
 
Top Benefits of Salesforce in Business
Top Benefits of Salesforce in BusinessTop Benefits of Salesforce in Business
Top Benefits of Salesforce in Business
Fexle Services Pvt. Ltd.
 
Performing a successful technical debt assessment in Salesforce
Performing a successful technical debt assessment in SalesforcePerforming a successful technical debt assessment in Salesforce
Performing a successful technical debt assessment in Salesforce
Coforge (Erstwhile WHISHWORKS)
 
Champion Productivity with Service Cloud
Champion Productivity with Service CloudChampion Productivity with Service Cloud
Champion Productivity with Service Cloud
Salesforce Admins
 
Salesforce Training For Beginners | Salesforce Tutorial | Salesforce Training...
Salesforce Training For Beginners | Salesforce Tutorial | Salesforce Training...Salesforce Training For Beginners | Salesforce Tutorial | Salesforce Training...
Salesforce Training For Beginners | Salesforce Tutorial | Salesforce Training...
Edureka!
 
Integrating with salesforce
Integrating with salesforceIntegrating with salesforce
Integrating with salesforce
Mark Adcock
 
SFDC Organization Setup
SFDC Organization SetupSFDC Organization Setup
SFDC Organization Setup
Simeon Tzanev
 
Salesforce
SalesforceSalesforce
Salesforce
BharatSirvi8
 
Salesforce overview
Salesforce overviewSalesforce overview
Salesforce overview
Ratchata Ardchawuthikulawong
 
Introduction to Salesforce.com
Introduction to Salesforce.comIntroduction to Salesforce.com
Introduction to Salesforce.com
Edureka!
 
Introduction to Salesforce | Salesforce Tutorial for Beginners | Salesforce T...
Introduction to Salesforce | Salesforce Tutorial for Beginners | Salesforce T...Introduction to Salesforce | Salesforce Tutorial for Beginners | Salesforce T...
Introduction to Salesforce | Salesforce Tutorial for Beginners | Salesforce T...
Edureka!
 
Manage Development in Your Org with Salesforce Governance Framework
Manage Development in Your Org with Salesforce Governance FrameworkManage Development in Your Org with Salesforce Governance Framework
Manage Development in Your Org with Salesforce Governance Framework
Salesforce Developers
 
Deep dive into Salesforce Connected App
Deep dive into Salesforce Connected AppDeep dive into Salesforce Connected App
Deep dive into Salesforce Connected App
Dhanik Sahni
 

What's hot (20)

Salesforce Security Review Tips and Tricks
Salesforce Security Review Tips and TricksSalesforce Security Review Tips and Tricks
Salesforce Security Review Tips and Tricks
 
Salesforce Intro
Salesforce IntroSalesforce Intro
Salesforce Intro
 
Salesforce Overview For Beginners/Students
Salesforce Overview For Beginners/StudentsSalesforce Overview For Beginners/Students
Salesforce Overview For Beginners/Students
 
Salesforce Integration
Salesforce IntegrationSalesforce Integration
Salesforce Integration
 
Introduction to Salesforce Platform - Basic
Introduction to Salesforce Platform - BasicIntroduction to Salesforce Platform - Basic
Introduction to Salesforce Platform - Basic
 
Salesforce Org Health Check & Performance Testing
Salesforce Org Health Check & Performance TestingSalesforce Org Health Check & Performance Testing
Salesforce Org Health Check & Performance Testing
 
What Is Salesforce CRM? | Salesforce CRM Tutorial For Beginners | Salesforce ...
What Is Salesforce CRM? | Salesforce CRM Tutorial For Beginners | Salesforce ...What Is Salesforce CRM? | Salesforce CRM Tutorial For Beginners | Salesforce ...
What Is Salesforce CRM? | Salesforce CRM Tutorial For Beginners | Salesforce ...
 
Salesforce Presentation
Salesforce PresentationSalesforce Presentation
Salesforce Presentation
 
Top Benefits of Salesforce in Business
Top Benefits of Salesforce in BusinessTop Benefits of Salesforce in Business
Top Benefits of Salesforce in Business
 
Performing a successful technical debt assessment in Salesforce
Performing a successful technical debt assessment in SalesforcePerforming a successful technical debt assessment in Salesforce
Performing a successful technical debt assessment in Salesforce
 
Champion Productivity with Service Cloud
Champion Productivity with Service CloudChampion Productivity with Service Cloud
Champion Productivity with Service Cloud
 
Salesforce Training For Beginners | Salesforce Tutorial | Salesforce Training...
Salesforce Training For Beginners | Salesforce Tutorial | Salesforce Training...Salesforce Training For Beginners | Salesforce Tutorial | Salesforce Training...
Salesforce Training For Beginners | Salesforce Tutorial | Salesforce Training...
 
Integrating with salesforce
Integrating with salesforceIntegrating with salesforce
Integrating with salesforce
 
SFDC Organization Setup
SFDC Organization SetupSFDC Organization Setup
SFDC Organization Setup
 
Salesforce
SalesforceSalesforce
Salesforce
 
Salesforce overview
Salesforce overviewSalesforce overview
Salesforce overview
 
Introduction to Salesforce.com
Introduction to Salesforce.comIntroduction to Salesforce.com
Introduction to Salesforce.com
 
Introduction to Salesforce | Salesforce Tutorial for Beginners | Salesforce T...
Introduction to Salesforce | Salesforce Tutorial for Beginners | Salesforce T...Introduction to Salesforce | Salesforce Tutorial for Beginners | Salesforce T...
Introduction to Salesforce | Salesforce Tutorial for Beginners | Salesforce T...
 
Manage Development in Your Org with Salesforce Governance Framework
Manage Development in Your Org with Salesforce Governance FrameworkManage Development in Your Org with Salesforce Governance Framework
Manage Development in Your Org with Salesforce Governance Framework
 
Deep dive into Salesforce Connected App
Deep dive into Salesforce Connected AppDeep dive into Salesforce Connected App
Deep dive into Salesforce Connected App
 

Viewers also liked

Dreamforce 15 - Platform Encryption for Developers
Dreamforce 15 - Platform Encryption for DevelopersDreamforce 15 - Platform Encryption for Developers
Dreamforce 15 - Platform Encryption for Developers
Peter Chittum
 
Helping Gamechangers Change the World - Introducing Salesforce1 for Nonprofits
Helping Gamechangers Change the World - Introducing Salesforce1 for Nonprofits Helping Gamechangers Change the World - Introducing Salesforce1 for Nonprofits
Helping Gamechangers Change the World - Introducing Salesforce1 for Nonprofits
Salesforce.org
 
How Morgan Stanley is Using Apps to Transform the Workplace
How Morgan Stanley is Using Apps to Transform the WorkplaceHow Morgan Stanley is Using Apps to Transform the Workplace
How Morgan Stanley is Using Apps to Transform the Workplace
Dreamforce
 
Introducing the Next Version of ExactTarget Salesforce Integration
Introducing the Next Version of ExactTarget Salesforce IntegrationIntroducing the Next Version of ExactTarget Salesforce Integration
Introducing the Next Version of ExactTarget Salesforce Integration
Salesforce Marketing Cloud
 
Salesforce Identity: Identity Management Made Easy
Salesforce Identity: Identity Management Made EasySalesforce Identity: Identity Management Made Easy
Salesforce Identity: Identity Management Made Easy
Salesforce Developers
 
Ebook- Introducing Wave Analytics Cloud
Ebook- Introducing Wave Analytics CloudEbook- Introducing Wave Analytics Cloud
Ebook- Introducing Wave Analytics CloudMisha Williams
 
CASBs: Real World Use Cases
CASBs: Real World Use CasesCASBs: Real World Use Cases
CASBs: Real World Use Cases
Bitglass
 
Sales force turning opportunity into profit
Sales force turning opportunity into profitSales force turning opportunity into profit
Sales force turning opportunity into profit
Cecilie Burleson
 

Viewers also liked (9)

Dreamforce 15 - Platform Encryption for Developers
Dreamforce 15 - Platform Encryption for DevelopersDreamforce 15 - Platform Encryption for Developers
Dreamforce 15 - Platform Encryption for Developers
 
Helping Gamechangers Change the World - Introducing Salesforce1 for Nonprofits
Helping Gamechangers Change the World - Introducing Salesforce1 for Nonprofits Helping Gamechangers Change the World - Introducing Salesforce1 for Nonprofits
Helping Gamechangers Change the World - Introducing Salesforce1 for Nonprofits
 
How Morgan Stanley is Using Apps to Transform the Workplace
How Morgan Stanley is Using Apps to Transform the WorkplaceHow Morgan Stanley is Using Apps to Transform the Workplace
How Morgan Stanley is Using Apps to Transform the Workplace
 
Introducing the Next Version of ExactTarget Salesforce Integration
Introducing the Next Version of ExactTarget Salesforce IntegrationIntroducing the Next Version of ExactTarget Salesforce Integration
Introducing the Next Version of ExactTarget Salesforce Integration
 
Salesforce Identity: Identity Management Made Easy
Salesforce Identity: Identity Management Made EasySalesforce Identity: Identity Management Made Easy
Salesforce Identity: Identity Management Made Easy
 
Introducing Salesforce Identity
Introducing Salesforce IdentityIntroducing Salesforce Identity
Introducing Salesforce Identity
 
Ebook- Introducing Wave Analytics Cloud
Ebook- Introducing Wave Analytics CloudEbook- Introducing Wave Analytics Cloud
Ebook- Introducing Wave Analytics Cloud
 
CASBs: Real World Use Cases
CASBs: Real World Use CasesCASBs: Real World Use Cases
CASBs: Real World Use Cases
 
Sales force turning opportunity into profit
Sales force turning opportunity into profitSales force turning opportunity into profit
Sales force turning opportunity into profit
 

Similar to Introducing salesforce shield - Paris Salesforce Developer Group - Oct 15

What’s new in summer’15 release - Security & Compliance
What’s new in summer’15 release - Security & ComplianceWhat’s new in summer’15 release - Security & Compliance
What’s new in summer’15 release - Security & Compliance
Shesh Kondi
 
What’s new in summer’15 release - Security & Compliance
What’s new in summer’15 release - Security & ComplianceWhat’s new in summer’15 release - Security & Compliance
What’s new in summer’15 release - Security & Compliance
Shesh Kondi
 
2. 8 things that will make your business love your developers again
2. 8 things that will make your business love your developers again2. 8 things that will make your business love your developers again
2. 8 things that will make your business love your developers againEuroCloud
 
CCT London 2013 Theatre Intro to Apex
CCT London 2013 Theatre Intro to ApexCCT London 2013 Theatre Intro to Apex
CCT London 2013 Theatre Intro to ApexPeter Chittum
 
Real Time Integration with Salesforce Platform Events
Real Time Integration with Salesforce Platform EventsReal Time Integration with Salesforce Platform Events
Real Time Integration with Salesforce Platform Events
Salesforce Developers
 
Just-In-Time Sharing Using Apex
Just-In-Time Sharing Using ApexJust-In-Time Sharing Using Apex
Just-In-Time Sharing Using Apex
Salesforce Developers
 
Get Started with the Lightning Platform
Get Started with the Lightning PlatformGet Started with the Lightning Platform
Get Started with the Lightning Platform
Developer Force
 
Build and Package Lightning Components for Lightning Exchange
Build and Package Lightning Components for Lightning ExchangeBuild and Package Lightning Components for Lightning Exchange
Build and Package Lightning Components for Lightning Exchange
Salesforce Developers
 
Indiana University: Our Path to Building an Enterprise Journey
Indiana University: Our Path to Building an Enterprise JourneyIndiana University: Our Path to Building an Enterprise Journey
Indiana University: Our Path to Building an Enterprise Journey
Salesforce.org
 
Essential Habits for Salesforce Admins: Security
Essential Habits for Salesforce Admins: SecurityEssential Habits for Salesforce Admins: Security
Essential Habits for Salesforce Admins: Security
Salesforce Admins
 
Boxcars and Cabooses: When One More XHR Is Too Much
Boxcars and Cabooses: When One More XHR Is Too MuchBoxcars and Cabooses: When One More XHR Is Too Much
Boxcars and Cabooses: When One More XHR Is Too Much
Peter Chittum
 
Next-Generation Native Apps
Next-Generation Native AppsNext-Generation Native Apps
Next-Generation Native Appsdreamforce2006
 
Enterprise IoT: Data in Context
Enterprise IoT: Data in ContextEnterprise IoT: Data in Context
Enterprise IoT: Data in Context
Pat Patterson
 
Crash Course in Salesforce Service and Support
Crash Course in Salesforce Service and SupportCrash Course in Salesforce Service and Support
Crash Course in Salesforce Service and Supportdreamforce2006
 
Around the World in 100 Days a Global Deployment Case Study
Around the World in 100 Days a Global Deployment Case StudyAround the World in 100 Days a Global Deployment Case Study
Around the World in 100 Days a Global Deployment Case Studydreamforce2006
 
ISV Monthly Tech Enablement (August 2017)
ISV Monthly Tech Enablement (August 2017)ISV Monthly Tech Enablement (August 2017)
ISV Monthly Tech Enablement (August 2017)
Salesforce Partners
 
Platform session 1 Innovation on the salesforce platform - speed vs control
Platform session 1 Innovation on the salesforce platform - speed vs controlPlatform session 1 Innovation on the salesforce platform - speed vs control
Platform session 1 Innovation on the salesforce platform - speed vs control
Salesforce - Sweden, Denmark, Norway
 
Df15 top 10 things an admin should know-0914
Df15 top 10 things an admin should know-0914Df15 top 10 things an admin should know-0914
Df15 top 10 things an admin should know-0914
Shahid Husain
 
Developers guide to the Salesforce1 Platform
Developers guide to the Salesforce1 PlatformDevelopers guide to the Salesforce1 Platform
Developers guide to the Salesforce1 Platform
John Stevenson
 

Similar to Introducing salesforce shield - Paris Salesforce Developer Group - Oct 15 (20)

What’s new in summer’15 release - Security & Compliance
What’s new in summer’15 release - Security & ComplianceWhat’s new in summer’15 release - Security & Compliance
What’s new in summer’15 release - Security & Compliance
 
What’s new in summer’15 release - Security & Compliance
What’s new in summer’15 release - Security & ComplianceWhat’s new in summer’15 release - Security & Compliance
What’s new in summer’15 release - Security & Compliance
 
2. 8 things that will make your business love your developers again
2. 8 things that will make your business love your developers again2. 8 things that will make your business love your developers again
2. 8 things that will make your business love your developers again
 
CCT London 2013 Theatre Intro to Apex
CCT London 2013 Theatre Intro to ApexCCT London 2013 Theatre Intro to Apex
CCT London 2013 Theatre Intro to Apex
 
Real Time Integration with Salesforce Platform Events
Real Time Integration with Salesforce Platform EventsReal Time Integration with Salesforce Platform Events
Real Time Integration with Salesforce Platform Events
 
Just-In-Time Sharing Using Apex
Just-In-Time Sharing Using ApexJust-In-Time Sharing Using Apex
Just-In-Time Sharing Using Apex
 
Get Started with the Lightning Platform
Get Started with the Lightning PlatformGet Started with the Lightning Platform
Get Started with the Lightning Platform
 
Build and Package Lightning Components for Lightning Exchange
Build and Package Lightning Components for Lightning ExchangeBuild and Package Lightning Components for Lightning Exchange
Build and Package Lightning Components for Lightning Exchange
 
Indiana University: Our Path to Building an Enterprise Journey
Indiana University: Our Path to Building an Enterprise JourneyIndiana University: Our Path to Building an Enterprise Journey
Indiana University: Our Path to Building an Enterprise Journey
 
Essential Habits for Salesforce Admins: Security
Essential Habits for Salesforce Admins: SecurityEssential Habits for Salesforce Admins: Security
Essential Habits for Salesforce Admins: Security
 
Boxcars and Cabooses: When One More XHR Is Too Much
Boxcars and Cabooses: When One More XHR Is Too MuchBoxcars and Cabooses: When One More XHR Is Too Much
Boxcars and Cabooses: When One More XHR Is Too Much
 
Next-Generation Native Apps
Next-Generation Native AppsNext-Generation Native Apps
Next-Generation Native Apps
 
Enterprise IoT: Data in Context
Enterprise IoT: Data in ContextEnterprise IoT: Data in Context
Enterprise IoT: Data in Context
 
Crash Course in Salesforce Service and Support
Crash Course in Salesforce Service and SupportCrash Course in Salesforce Service and Support
Crash Course in Salesforce Service and Support
 
Around the World in 100 Days a Global Deployment Case Study
Around the World in 100 Days a Global Deployment Case StudyAround the World in 100 Days a Global Deployment Case Study
Around the World in 100 Days a Global Deployment Case Study
 
ISV Monthly Tech Enablement (August 2017)
ISV Monthly Tech Enablement (August 2017)ISV Monthly Tech Enablement (August 2017)
ISV Monthly Tech Enablement (August 2017)
 
Platform session 1 Innovation on the salesforce platform - speed vs control
Platform session 1 Innovation on the salesforce platform - speed vs controlPlatform session 1 Innovation on the salesforce platform - speed vs control
Platform session 1 Innovation on the salesforce platform - speed vs control
 
Df15 top 10 things an admin should know-0914
Df15 top 10 things an admin should know-0914Df15 top 10 things an admin should know-0914
Df15 top 10 things an admin should know-0914
 
Developers guide to the Salesforce1 Platform
Developers guide to the Salesforce1 PlatformDevelopers guide to the Salesforce1 Platform
Developers guide to the Salesforce1 Platform
 
The Real Time Cloud
The Real Time CloudThe Real Time Cloud
The Real Time Cloud
 

More from Paris Salesforce Developer Group

Pour Noël, devenez chrome extensioniste!
Pour Noël, devenez chrome extensioniste!Pour Noël, devenez chrome extensioniste!
Pour Noël, devenez chrome extensioniste!
Paris Salesforce Developer Group
 
GraphQL (la nouvelle API de référence de Salesforce ?!)
GraphQL (la nouvelle API de référence de Salesforce ?!)GraphQL (la nouvelle API de référence de Salesforce ?!)
GraphQL (la nouvelle API de référence de Salesforce ?!)
Paris Salesforce Developer Group
 
La Tooling API, est-ce pour moi ? Bien sûr, viens voir pourquoi !
La Tooling API, est-ce pour moi ? Bien sûr, viens voir pourquoi !La Tooling API, est-ce pour moi ? Bien sûr, viens voir pourquoi !
La Tooling API, est-ce pour moi ? Bien sûr, viens voir pourquoi !
Paris Salesforce Developer Group
 
Introduction à la plateforme Anypoint de MuleSoft
Introduction à la plateforme Anypoint de MuleSoftIntroduction à la plateforme Anypoint de MuleSoft
Introduction à la plateforme Anypoint de MuleSoft
Paris Salesforce Developer Group
 
Release spring '22 - Community Groups français
Release spring '22 - Community Groups françaisRelease spring '22 - Community Groups français
Release spring '22 - Community Groups français
Paris Salesforce Developer Group
 
Scratch orgs...vous pensiez en avoir terminé avec les sandboxes ?
Scratch orgs...vous pensiez en avoir terminé avec les sandboxes ?Scratch orgs...vous pensiez en avoir terminé avec les sandboxes ?
Scratch orgs...vous pensiez en avoir terminé avec les sandboxes ?
Paris Salesforce Developer Group
 
Mon Expérience avec le Certified Technical Architect Review Board
Mon Expérience avec le Certified Technical Architect Review Board Mon Expérience avec le Certified Technical Architect Review Board
Mon Expérience avec le Certified Technical Architect Review Board
Paris Salesforce Developer Group
 
Mieux acheminer les emails avec salesforce
Mieux acheminer les emails avec salesforceMieux acheminer les emails avec salesforce
Mieux acheminer les emails avec salesforce
Paris Salesforce Developer Group
 
DX@Scale: Optimizing Salesforce Development and Deployment for large scale pr...
DX@Scale: Optimizing Salesforce Development and Deployment for large scale pr...DX@Scale: Optimizing Salesforce Development and Deployment for large scale pr...
DX@Scale: Optimizing Salesforce Development and Deployment for large scale pr...
Paris Salesforce Developer Group
 
Dreamforce Global Gathering
Dreamforce Global GatheringDreamforce Global Gathering
Dreamforce Global Gathering
Paris Salesforce Developer Group
 
Getting started with Salesforce DX
Getting started with Salesforce DXGetting started with Salesforce DX
Getting started with Salesforce DX
Paris Salesforce Developer Group
 
Pratiques administration avancées et techniques de développement
Pratiques administration avancées et techniques de développementPratiques administration avancées et techniques de développement
Pratiques administration avancées et techniques de développement
Paris Salesforce Developer Group
 
Sensibilisation à la Sécurité Salesforce
Sensibilisation à la Sécurité SalesforceSensibilisation à la Sécurité Salesforce
Sensibilisation à la Sécurité Salesforce
Paris Salesforce Developer Group
 
Salesforce Performance hacks - Client Side
Salesforce Performance hacks - Client SideSalesforce Performance hacks - Client Side
Salesforce Performance hacks - Client Side
Paris Salesforce Developer Group
 
Meetup 06/2015 - @testsetup
Meetup 06/2015 - @testsetupMeetup 06/2015 - @testsetup
Meetup 06/2015 - @testsetup
Paris Salesforce Developer Group
 
Meetup Custom Metadata - 1st Part
Meetup Custom Metadata - 1st PartMeetup Custom Metadata - 1st Part
Meetup Custom Metadata - 1st Part
Paris Salesforce Developer Group
 
Lightning week - Paris DUG
Lightning week - Paris DUGLightning week - Paris DUG
Lightning week - Paris DUG
Paris Salesforce Developer Group
 
Versionning et travail en équipe avec Salesforce - 27/11/2014
Versionning et travail en équipe avec Salesforce - 27/11/2014Versionning et travail en équipe avec Salesforce - 27/11/2014
Versionning et travail en équipe avec Salesforce - 27/11/2014
Paris Salesforce Developer Group
 
Paris Salesforce Developer Group - 16 09 2014 - Summer '14
Paris Salesforce Developer Group - 16 09 2014 - Summer '14Paris Salesforce Developer Group - 16 09 2014 - Summer '14
Paris Salesforce Developer Group - 16 09 2014 - Summer '14
Paris Salesforce Developer Group
 

More from Paris Salesforce Developer Group (19)

Pour Noël, devenez chrome extensioniste!
Pour Noël, devenez chrome extensioniste!Pour Noël, devenez chrome extensioniste!
Pour Noël, devenez chrome extensioniste!
 
GraphQL (la nouvelle API de référence de Salesforce ?!)
GraphQL (la nouvelle API de référence de Salesforce ?!)GraphQL (la nouvelle API de référence de Salesforce ?!)
GraphQL (la nouvelle API de référence de Salesforce ?!)
 
La Tooling API, est-ce pour moi ? Bien sûr, viens voir pourquoi !
La Tooling API, est-ce pour moi ? Bien sûr, viens voir pourquoi !La Tooling API, est-ce pour moi ? Bien sûr, viens voir pourquoi !
La Tooling API, est-ce pour moi ? Bien sûr, viens voir pourquoi !
 
Introduction à la plateforme Anypoint de MuleSoft
Introduction à la plateforme Anypoint de MuleSoftIntroduction à la plateforme Anypoint de MuleSoft
Introduction à la plateforme Anypoint de MuleSoft
 
Release spring '22 - Community Groups français
Release spring '22 - Community Groups françaisRelease spring '22 - Community Groups français
Release spring '22 - Community Groups français
 
Scratch orgs...vous pensiez en avoir terminé avec les sandboxes ?
Scratch orgs...vous pensiez en avoir terminé avec les sandboxes ?Scratch orgs...vous pensiez en avoir terminé avec les sandboxes ?
Scratch orgs...vous pensiez en avoir terminé avec les sandboxes ?
 
Mon Expérience avec le Certified Technical Architect Review Board
Mon Expérience avec le Certified Technical Architect Review Board Mon Expérience avec le Certified Technical Architect Review Board
Mon Expérience avec le Certified Technical Architect Review Board
 
Mieux acheminer les emails avec salesforce
Mieux acheminer les emails avec salesforceMieux acheminer les emails avec salesforce
Mieux acheminer les emails avec salesforce
 
DX@Scale: Optimizing Salesforce Development and Deployment for large scale pr...
DX@Scale: Optimizing Salesforce Development and Deployment for large scale pr...DX@Scale: Optimizing Salesforce Development and Deployment for large scale pr...
DX@Scale: Optimizing Salesforce Development and Deployment for large scale pr...
 
Dreamforce Global Gathering
Dreamforce Global GatheringDreamforce Global Gathering
Dreamforce Global Gathering
 
Getting started with Salesforce DX
Getting started with Salesforce DXGetting started with Salesforce DX
Getting started with Salesforce DX
 
Pratiques administration avancées et techniques de développement
Pratiques administration avancées et techniques de développementPratiques administration avancées et techniques de développement
Pratiques administration avancées et techniques de développement
 
Sensibilisation à la Sécurité Salesforce
Sensibilisation à la Sécurité SalesforceSensibilisation à la Sécurité Salesforce
Sensibilisation à la Sécurité Salesforce
 
Salesforce Performance hacks - Client Side
Salesforce Performance hacks - Client SideSalesforce Performance hacks - Client Side
Salesforce Performance hacks - Client Side
 
Meetup 06/2015 - @testsetup
Meetup 06/2015 - @testsetupMeetup 06/2015 - @testsetup
Meetup 06/2015 - @testsetup
 
Meetup Custom Metadata - 1st Part
Meetup Custom Metadata - 1st PartMeetup Custom Metadata - 1st Part
Meetup Custom Metadata - 1st Part
 
Lightning week - Paris DUG
Lightning week - Paris DUGLightning week - Paris DUG
Lightning week - Paris DUG
 
Versionning et travail en équipe avec Salesforce - 27/11/2014
Versionning et travail en équipe avec Salesforce - 27/11/2014Versionning et travail en équipe avec Salesforce - 27/11/2014
Versionning et travail en équipe avec Salesforce - 27/11/2014
 
Paris Salesforce Developer Group - 16 09 2014 - Summer '14
Paris Salesforce Developer Group - 16 09 2014 - Summer '14Paris Salesforce Developer Group - 16 09 2014 - Summer '14
Paris Salesforce Developer Group - 16 09 2014 - Summer '14
 

Recently uploaded

Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Nexer Digital
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
SOFTTECHHUB
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
Jemma Hussein Allen
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
91mobiles
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
DianaGray10
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
Prayukth K V
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
Neo4j
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
Matthew Sinclair
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Paige Cruz
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
Neo4j
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
RinaMondal9
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
sonjaschweigert1
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
DianaGray10
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
KatiaHIMEUR1
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
mikeeftimakis1
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 

Recently uploaded (20)

Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 

Introducing salesforce shield - Paris Salesforce Developer Group - Oct 15

  • 1. Introducing: Salesforce Shield The fastest way to build trusted apps ​ 
  • 2. Safe harbor statement under the Private Securities Litigation Reform Act of 1995: This presentation may contain forward-looking statements that involve risks, uncertainties, and assumptions. If any such uncertainties materialize or if any of the assumptions proves incorrect, the results of salesforce.com, inc. could differ materially from the results expressed or implied by the forward-looking statements we make. All statements other than statements of historical fact could be deemed forward-looking, including any projections of product or service availability, subscriber growth, earnings, revenues, or other financial items and any statements regarding strategies or plans of management for future operations, statements of belief, any statements concerning new, planned, or upgraded services or technology developments and customer contracts or use of our services. The risks and uncertainties referred to above include – but are not limited to – risks associated with developing and delivering new functionality for our service, new products and services, our new business model, our past operating losses, possible fluctuations in our operating results and rate of growth, interruptions or delays in our Web hosting, breach of our security measures, the outcome of any litigation, risks associated with completed and any possible mergers and acquisitions, the immature market in which we operate, our relatively limited operating history, our ability to expand, retain, and motivate our employees and manage our growth, new releases of our service and successful customer deployment, our limited history reselling non-salesforce.com products, and utilization and selling to larger enterprise customers. Further information on potential factors that could affect the financial results of salesforce.com, inc. is included in our annual report on Form 10-K for the most recent fiscal year and in our quarterly report on Form 10-Q for the most recent fiscal quarter. These documents and others containing important disclosures are available on the SEC Filings section of the Investor Information section of our Web site. Any unreleased services or features referenced in this or other presentations, press releases or public statements are not currently available and may not be delivered on time or at all. Customers who purchase our services should make the purchase decisions based upon features that are currently available. Salesforce.com, inc. assumes no obligation and does not intend to update these forward-looking statements. Safe Harbor
  • 3. SNA Terminal Mainframe LAN / WAN Client Server LAN / WAN Client Server Cloud Mobile Social Data Science Thousands customer interactions connected thingsBillions TrillionsMillions The app revolution is opening up a world of innovation for businesses
  • 4. Apps are generating more customer data than ever before Apps Financial Data Health Data Location Data 90% of the world’s data created in the last 12 months
  • 5. World’s Most Trusted Enterprise Cloud Trust is our #1 value Five Elements of Trust Transparency Always on availability Performance at scale Global data centers Enterprise compliance Q1 Transactions 211B+ Customers 150k Apps 2M+
  • 6. Salesforce Trust Services Infrastructure Services AnalyticsCommunityMarketingServiceSales Apps Network Services Application Services Secure Data Centers Backup and Disaster Recovery 47 Major Releases HTTPS Encryption Penetration Testing Advanced Threat Detection Identity & Single Sign On Two Factor Authentication User Roles & Permissions Field & Row Level Security Secure Firewalls Real-time replication Password Policies Third Party Certifications IP Login Restrictions Customer Audits 150,000+ customers 2,000,000+ apps Sixteen years of innovation on the world’s most trusted cloud
  • 7. Introducing: Salesforce Shield Infrastructure Services Network Services Application Services Secure Data Centers Backup and Disaster Recovery HTTPS Encryption Penetration Testing Advanced Threat Detection Identity & Single Sign On Two Factor Authentication User Roles & Permissions Field & Row Level Security Secure Firewalls Real-time replication Password Policies Third Party Certifications IP Login Restrictions Customer Audits Salesforce Shield Platform Encryption Event Monitoring Field Audit Trail New services to help you build trusted apps fast
  • 8. ​ Monitor User Activity ​ Know who is accessing data from where Optimize Performance ​ Troubleshoot application performance to improve end user experience ​ Track Application Usage ​ Understand application usage to increase adoption Gain Visibility Into User Actions with Event Monitoring
  • 9. Retain Field History for Up to 10 Years with Field Audit Trail ​ Establish Data Retention Policies ​ Know the state and value of data at any time Access Retained Data at Scale ​ Normalize on big data back-end for performance ​ Comply with Industry Regulations ​ Secure data archive with the highest trust standards
  • 10. Encrypt Sensitive Data While Preserving Business Functionality ​ Seamlessly protect data at rest ​ Encrypt standard & custom fields, files & attachments ​  Natively integrated with key Salesforce features ​ E.g., Search, Chatter, Lookups work with encrypted data ​ Customer managed keys ​ Customer-driven encryption key lifecycle management
  • 11. Salesforce Shield New services to help you build trusted apps fast EncryptAuditMonitor Platform EncryptionField Audit TrailEvent Monitoring
  • 12. Salesforce Shield The Event Monitoring Story
  • 13. Auditing, Analytics and Actions at a Glance Audit Fields Login History Setup Audit Trail Field History Tracking Field Audit Trail Event Monitoring Purpose Track who created or last modified a record user and time Track end-user logins and login attempts (e.g. failures) Track Administrative changes in setup like escalation of privileges or creation of new fields Track state changes at the field level Analysis: Track a variety of server interactions including report exports, page views, and document downloads Action: Automate actionable security policies such as limiting data export or notifying on concurrent login sessions Example Adam Torman modified the Acme account earlier today Adam Torman logged in using Chrome v 42.0 on Mac OSX Permission set Modify All Data assigned to user Adam Torman Adam Torman changed the Case status from Open to Closed Adam Torman clicked on Marc Benioff’s patient record and downloaded the customer list Jari Salomaa was prevented from logging into his iPad until he removed a previous login session Interface Record Detail UI and API Setup UI and API Setup UI and API Setup / Related List UI and API API (CSV download) + Wave Integration Setup UI [Profile or Sharing] Permission s Required *Read/Query requires sharing access to parent record Manage User permission *View Setup and Configuration permission Configure requires Customize Application permission *Read/Query requires sharing access to parent record *View Event Log Files permission AND * View Login Forensics Author Apex AND Customize Application Data Retention Policy Life of the record / 18 Months depending on org inception date 6 months FIFO 6 months FIFO 20 fields for 18 months 60 fields for 10 years Up to 30 days for Event Log Files and 10 years for Login Forensics N/A Pricing $0 $0 $0 $0 ** $add-on $0 - Login/Logout Event Log Files for 1 day ** $add-on - 29 log files for 30 days + Login Forensics + Transaction Security Online Audit Fields Login History Setup Audit Field History Field Audit Event Monitoring Transaction Security
  • 14. What we are hearing from CISOs ​ 1. Visibility to user activity ​ Report on what users are doing and where policies are needed ​ 2. Generate security policies ​ Generate real-time actions such as notifications and proactive prevention ​ 3. Automate actions from policies ​ Fine-tune your application portfolio and business process ​ 4. Analyze, monitor results and audit ​ Fine-tune your security policies and provide audit trails for auditors
  • 15. Two halves of the same solution ​  Analytics ​  Actions
  • 17. Analytics For Event Monitoring ​ Support ​ Provide better, data-driven support for your end users ​ Audit ​ Track your user’s activities ​ Optimize ​ Fine-tune your application portfolio and business process
  • 18. Actions For Event Monitoring ​ Customizable Apex Policies ​ Framework auto-generated policies ​ Define Real Time Actions ​ Notify, Block, Force 2FA, Session Chooser ​ Enforce Session Constraints ​ Control the number of active user sessions
  • 20. Problem set: Concurrent Login Sessions ●  Users should not be logged in to more than ‘n’ sessions ●  Limit the number of concurrent sessions to reduce risk with malicious activities ○  FedRamp requirement ●  Security policy should understand who will be impacted and prompt the user to remove previous sessions that no longer apply
  • 22. Analyze current login behaviors using analytics Track login trends and ask questions: ●  Who will be impacted if you create a policy based on Profile, Role, User, etc…? ●  What integrations may break? ●  How are user’s logging in - S1 Mobile, Web Browser, integrations? Policy Generation Event Capture Historical Analytics Real Time Actions Cycle of Security Historical Logs User Segmentatio n Real-time Analytics Audit Event Generation Policy Deployme nt Policy Design Policy Customizatio n
  • 23. Determine criteria for policy By Profile: ●  System Admin Profile >= 2 By Role: ●  East Coast Exec Role >=5 By User: ●  Adam Torman OR Jari Salomaa >=1 By Time: ●  Saturday OR Sundays >=1 Policy Generation Event Capture Historical Analytics Real Time Actions Cycle of Security Historical Logs User Segmentatio n Real-time Analytics Audit Event Generation Policy Deployme nt Policy Design Policy Customizatio n
  • 24. Decide which actions to take Policy Generation Event Capture Historical Analytics Real Time Actions Cycle of Security Historical Logs User Segmentatio n Real-time Analytics Audit Event Generation Policy Deployme nt Policy Design Policy Customizatio n Determine actions to take: ●  None ●  Block ●  2FA ●  Session Chooser
  • 25. Customize Apex policy and add criteria Customize the policy ●  Apply custom criteria such as Profiles, Roles, Users, etc… ●  Work closely with your developers to customize it for your design Policy Generation Event Capture Historical Analytics Real Time Actions Cycle of Security Historical Logs User Segmentatio n Real-time Analytics Audit Event Generation Policy Deployme nt Policy Design Policy Customizatio n
  • 26. Deploy policy Deployment is as easy as selecting a checkbox on the policy Policy Generation Event Capture Historical Analytics Real Time Actions Cycle of Security Historical Logs User Segmentatio n Real-time Analytics Audit Event Generation Policy Deployme nt Policy Design Policy Customizatio n
  • 27. Real-time action policy enforcement In real-time, users will be forced to take an action based on the criteria you created Policy Generation Event Capture Historical Analytics Real Time Actions Cycle of Security Historical Logs User Segmentatio n Real-time Analytics Audit Event Generation Policy Deployme nt Policy Design Policy Customizatio n
  • 28. Analyze policy enforcement and Audit Track how many 2FA or session chooser screens were selected. Policy Generation Event Capture Historical Analytics Real Time Actions Cycle of Security Historical Logs User Segmentatio n Real-time Analytics Audit Event Generation Policy Deployme nt Policy Design Policy Customizatio n
  • 29. Salesforce Platform Encryption Strongly encrypt data at rest while preserving critical business functionality
  • 30. ​ Encrypt data at rest when it is stored on the App Cloud ​ Encrypt Standard & Custom Fields, Files, & Attachments ​ Customers manage their encryption keys on the App Cloud platform What Problems We Solve
  • 31. Why It’s Unique Salesforce Platform Encryption Quickly and seamlessly protect sensitive data Setup takes minutes – no extra hardware or software Makes the App Cloud ‘encryption aware’ Salesforce1 Mobile-ready, natively
  • 32. Salesforce Platform Encryption ​ Encryption Services ​ Standards based encryption built natively into the App Cloud Platform ​ AES encryption using 256bit keys ​ Layers seamlessly with other App Cloud security features ​ Key Management ​ Customer driven key lifecycle management ​ Uses secure derived keys that are never persisted in the App Cloud ​ Hardware Security Module based key management infrastructure ​ FIPS 140-2 compliant ​ Policy Management ​ Customer control over policy configuration ​ Select fields, files, and attachments to be encrypted ​ Encryption controlled with metadata to take complexity out of deployments ​ App Cloud Integration ​ Preserve important functionality like search and business rules ​ Built-in capabilities to iteratively add additional feature support ​ Features and Functionality Overview
  • 33. Architecture Overview Encrypted Fields Encrypted Files AES 256 DATA Database File Storage FFX Database File Storage FFX Database File Storage FFX Database File Storage FFX Key Derivation Server Embedded HSM Key Derivation Server Embedded HSM Key Derivation Server Embedded HSM Key Derivation Server Embedded HSM
  • 34. ​ Keys and Secrets ​ Master Secret Master Wrapping Key ​ Master Salt Tenant Wrapping Key Keys and Secrets Key Derivation Server RSA Key Pair Hardware Security Modules ​ Key Management Components Master HSM Key Derivation Server Embedded HSM ​ Functions ​ Generates Per-Release Secrets and Keys ​ Encrypts Secrets and Keys for Secure Distribution ​ Air-gapped from Production Network Functions Unwraps Per-Release Secrets and Keys Generates and Encrypts Tenant Secret Performs Key Derivation
  • 35. ​ Generated once per release by Salesforce Security Officer using air-gapped Master HSM ​ Encrypted with the Master Wrapping Key and stored in Key Derivation Servers ​ Decryptable only by Key Derivation Server’s Private Key and the Master Wrapping Key ​ Org-specific secret generated, managed, and rotated by customers ​ Manage via Setup or SOAP API ​ Encrypted using the per-release Tenant Wrapping Key and stored in the database ​ Decryptable only by Key Derivation Server’s Private Key and Tenant Wrapping Key ​ Created by Key Derivation Servers via Password Based Key Derivation Function ​ Decrypts and combines Master and Tenant Secrets and Master Salt as input to PBKDF2 function ​ Output of KDF is an Org-specific Data Encryption Key used to encrypt customer field values and files ​ Derived keys are cached on the App Cloud platform Master Secret / Master Salt Tenant Secret Data Encryption Key Key Derivation ​ Creating Org-specific Data Encryption Keys
  • 36. Deriving Data Encryption Keys Standards Based Key Derivation Function: PBDKF2 HMAC with SHA256 Runs 15,000 Iterations Outputs 256 bit length Data Encryption Key Tenant Secret 1 Password Based Key Derivation Function Data Encryption Key 1 Data Encryption Key 1 Cache Master Secret Summer ‘15 Summer ‘15 Master Salt Key Derivation Server Embedded HSM Key Derivation Server Embedded HSM Key Derivation Server Embedded HSM Key Derivation Server Embedded HSM
  • 37. Customer Driven Key Lifecycle Derived Encryption Keys Are Never Persisted Create, Manage, and Rotate Keys Declarative & API Based Key Management Import and Export Tenant Secrets on Demand
  • 38. Field Encryption Policies Customer Driven Encryption Policies Declarative or API Policy Configuration Supports Both Standard and Custom Fields Natively Integrated with the App Cloud Features
  • 39. Standard Field Encryption and Search ​  Standard Field Encryption •  Account Name •  Contact First/Middle/Last Name •  Email •  Phone •  Home/Other Phone •  Mobile •  Fax •  Mailing Street & City •  Person Account fields •  Case Subject, Description •  Case Comments’ Body Search Fields and Files (via Desktop, Salesforce1 Mobile and SOSL)
  • 40. Custom Field Encryption Custom Field Types •  Email •  Phone •  Text •  Text Area •  Text Area (Long) •  URL Enable with Metadata Encrypt Existing Fields
  • 41. Chatter Files and Attachments Encryption Encrypt Content of Chatter Files Preview Encrypted Files File Content Search Encrypt Attachments