Salesforce has released Shield, a new security toolkit offering a wide range of functionality, including native encryption, auditing, data archival, and event monitoring capabilities.
At CloudLock, we couldn’t be more excited with these developments, as they allow our existing integrations with Salesforce to align with and extend these capabilities.
Salesforce Security: API is the New Gateway
In taking an API-based approach to complement existing Salesforce security capabilities, CloudLock does not fall prey to the downsides associated with proxy-based encryption, which breaks a number of functionalities within Salesforce, such as search and reporting. CloudLock preserves the native functionality of Salesforce that led to adoption in the first place.
Rather than squaring off against Salesforce, CloudLock recognizes the expertise and rich suite of capabilities Salesforce brings to the table; we choose to align with Salesforce and work alongside them.
After all, the organization has been building security into their platform for well over a decade – why would you install a gateway that front-ends the platform, creating more risk and infinitely complicating deployments?
In fact, many gateways are caching data directly on their websites, creating an additional threat vector and what if those fancy new keys are lost ? Enterprises would be out of luck.
Salesforce Shield and CloudLock: A Match Made in the Cloud
Salesforce is incredibly secure, but the cloud is a shared responsibility model, meaning the clients are responsible to govern how employees and 3rd party applications interact and inject data into the systems. By marrying Salesforce Shield with the CloudLock Security Fabric, organizations stand to dramatically improve information security within the platform:
- Data Governance: Fire up CloudLock’s industry-leading, customizable policy engine to ensure data compliance across your orgs.
- Selective Encryption: CloudLock can call Salesforce Shield to selectively encrypt sensitive data or files – all driven by highly-tunable policies to allow organizations to protect the information that matters to them.
- Continuous: Retroactively examine your existing data and monitor data being entered in real-time to trigger encryption for rapid remediation and gain a superior security posture.
Let’s consider a concrete example: When a credit card number is identified, the field (or entire file) is immediately encrypted using Salesforce Platform encryption. Additionally, files can be quarantined with standard field level encryption.
Due to our cloud-native approach, CloudLock can work with Salesforce instead of against Salesforce, ensuring improved security while maintaining a positive experience for end users regardless of where (on the corporate network, via VPN, or from Starbucks) or how (desktop, mobile, iOS app) they access Salesforce. Additionally, CloudLock offers support for applications built on Force.com, including both publicly available apps and custom, internally-developed apps.
CloudLock for Salesforce
In order to best appreciate the synergy between Salesforce Shield and CloudLock, request a demo of CloudLock for Salesforce or visit our listing on the Salesforce App Exchange to gain meaningful control of risks and exposures today. If you want to learn more about Salesforce Shield, check it out at Salesforce.com.