Salesforce Shield helps customers with their data compliance and control requirements. One of the key services it includes is tracking and retaining logs on who and how data is accessed. Field Audit Trail is a new storage mechanism for ensuring your audit data remains serviceable throughout its lifetime. Join us to understand how Field Audit Trail can work in conjunction with Platform Monitoring & Encryption to help you meet your compliance requirements. Watch the video now: https://www.youtube.com/watch?v=Jpoc8vgxH14
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
You've Changed: Field Audit Trails and the Salesforce Time Machine
1. You’ve Changed! - Field Audit Trail
and the Salesforce Time Machine
Jonathan Bruce
Director of Product Management
Salesforce
@jonbruce
Jennifer McClain
Director, Product Management
CloudLock
@jenniferdigital
4. World’s Most Trusted Enterprise Cloud
Trust is our #1 value
Five Elements of Trust
Transparency
Always on availability
Performance at scale
Global data centers
Enterprise compliance
Q1 Transactions
211B
+ Customers
150k
Apps
2M+
5. Salesforce Trust Services
Infrastructure Services
AnalyticsCommunityMarketingServiceSales Apps
Network Services
Application Services
Secure Data
Centers
Backup and
Disaster Recovery
47 Major Releases
HTTPS
Encryption
Penetration
Testing
Advanced
Threat Detection
Identity & Single
Sign On
Two Factor
Authentication
User Roles &
Permissions
Field & Row
Level Security
Secure
Firewalls
Real-time
replication
Password
Policies
Third Party
Certifications
IP Login
Restrictions
Customer
Audits
150,000+ customers 2,000,000+ apps
Sixteen years of innovation on the world’s most trusted cloud
6. Introducing: Salesforce Shield
Infrastructure Services
Network Services
Application Services
Secure Data
Centers
Backup and
Disaster Recovery
HTTPS
Encryption
Penetration
Testing
Advanced
Threat Detection
Identity & Single
Sign On
Two Factor
Authentication
User Roles &
Permissions
Field & Row
Level Security
Secure
Firewalls
Real-time
replication
Password
Policies
Third Party
Certifications
IP Login
Restrictions
Customer
Audits
Salesforce Shield
Platform
Encryption
Event
Monitoring
Field Audit
Trail
New services to help you build trusted apps fast
7. Monitor User Activity
Know who is accessing data from where
Optimize Performance
Troubleshoot application performance to
improve end user experience
Track Application Usage
Understand application usage to increase
adoption
Gain Visibility Into User Actions with Event Monitoring
8. Encrypt Sensitive Data While Preserving Business Functionality
Seamlessly protect data at rest
Encrypt standard & custom fields, files & attachments
Natively integrated with key Salesforce features
E.g., Search, Chatter, Lookups work with encrypted data
Customer managed keys
Customer-driven encryption key lifecycle management
9. Strengthen Data Integrity with Field Audit Trail
Ensure data is accurate, complete &
reliable
Answers the who, what, when of data changes
Establish Data Retention Policies
Comply with internal and industry regulations
Track and Access Data at Scale
Big data back-end for more fields for longer
retention
10. “I need the ability to audit who has viewed
a records regardless of how they access
it” - -Summa (SI) -Phillips Sapphire
“I have a customer that had an issue
where they were hacked a couple months
ago. The hack stole someone's SFDC
user name/PW and extracted a list of their
contacts & customer info. They spent
weeks with legal teams, insurance and the
like afterwards (big $$). ” - Charles Schwab
Security & Audit Use Cases
11. “Our case object is the core of our org,
and records everything. We have maybe
100 fields on there that track all sorts of
metrics – whether it’s a case, various
actionable dates, attributes, etc. We’re
going need to add even more in order to
support the latest product release cases.
- Wearable Device Vendor
Business Process Use Cases
12. Biggest Asks from the Past Year
● New Retention Policy UI - most requested feature!
● True up all objects types for parity with Field History Tracking
● Improved SOQL capabilities
● Round out field type coverage (large text field, multi-select
picklists...)
● Longer Retention periods
13. Now, You Can Enhance Record Retention Capabilities
Keep track of your data evolution and life cycle
3x20 FIELDS PER OBJECTFIELDS PER OBJECT
Out-of-the-Box Field Audit Trail
Applies to all editions: Contact Manager, Group, Professional, Enterprise, Performance, Unlimited,
Developer
SOQL
Bulk API
14. Maximize Auditability Without Sacrificing Performance
Retain archived field history data up to 10 years, independent of field history tracking
18
10
MONTHS
YEARS
SALESFORCE FIELD AUDIT TRAIL
1DAY
FIELD HISTORY
accounts
contacts leads
opportunities
cases
custom object
custom object
custom object
custom object
custom object
custom objectcustom object
inspection
warehouse inventory
position
job
review
badge
workstation
workstation
user story patient medications
budgets
expenses
members
points
transactions
OUT-OF-THE BOX CUSTOM POLICY
DATA ARCHIVE
bug
applicant
candidate
15. Secure Online Data Archive for Business Compliance
Single normalized data set for easier query, storage and accessibility
16. Field Audit Trail in a Nutshell
Single normalized data set for easier
query, storage and accessibility
18. Moving Quickly to Address Swiss Cheese Effect
Biggest asks from the past year include:
● New Retention Policy UI - most requested feature!
● True up - entity types for parity with Field History Tracking
● Improved SOQL capabilities
● Round out field type coverage (large text field, multi-select
picklists...)
● Longer Retention periods
19. Field Audit Trail - Policy Configuration UI
Assess Field Audit risk
Org-wide view of field audit tracking in your org
Overview of Policies
Holistic view of object-specific retention policies
Policy Deployment
Immediate policy enforcement
Available
post #DF
‘15
20. Demo - Field Audit Trail UI
Shawn Butterfield, PMM
27. Field Audit Trail in CloudLock’s Security Fabric
• Compliance Auditing
• Forensics
• User Education
28. The Future of Field Audit Trails in CloudLock’s Security Fabric
• Gain insight into your
existing Field Audit Trail
configuration from a
compliance perspective.
• Fine tune your Field Audit
Trail settings to enhance
platform security
• Realize the impact of
archival with proper Data
Retention Policies.
• Prescriptive analytics aid
in security & compliance
best practices
29. The Future of Field Audit Trail in CloudLock’s Security Fabric
• Automated, Policy-Driven Response Actions to selectively archive field
history