The document summarizes CipherCloud's security solutions for Salesforce. It discusses how CipherCloud enhances Salesforce security by protecting sensitive data from leaks, extending data loss prevention to the cloud, preventing unauthorized access, and monitoring user activity. Key features include encryption, tokenization, malware detection, activity monitoring, and anomaly detection to secure data and detect threats. The document provides an overview of CipherCloud's capabilities and customer case studies.
Privacy regulations and corporate data governance issues continue to block many enterprises from realizing the full business benefits of Salesforce. CipherCloud helps remove these barriers by providing tools to detect compliance violations, provide strong protection for sensitive data, and monitor your Salesforce user activity for anomalous behavior.
With CipherCloud for Salesforce you can:
Discover what your users are doing in the cloud and prevent data loss with detailed and precise visibility over all activity in Salesforce.
Protect your cloud data with strong encryption (FIPS 140-2 validated), tokenization, and malware protection to ensure that no unauthorized users can access sensitive information.
Monitor cloud usage with complete visibility over user activity and alerting on user behavior anomalies
The Cloud Data Loss Prevention (DLP) module enables you to extend your corporate data security policies to the cloud, providing detailed visibility over sensitive business data in Salesforce and Salesforce Chatter. The solution is tightly integrated with the entire Salesforce platform and understands all types of objects and data stored in the cloud. With a single click, you can scan your Salesforce Orgs and Salesforce Chatter content to quickly spot violations of your content policies.
CipherCloud provides out-of-the-box DLP controls and policies that can detect compliance violations of HIPAA/HITECH, GLBA, PCI, ABA, SWIFT, and NDC codes. The module can also integrate enterprise DLP systems, such as Symantec, RSA, or Intel Security (McAfee).
Results are delivered in clear, intuitive, and configurable dashboards. Easy drill-downs let you view specific user information and spot the exact source of policy violations directly in Salesforce. Any information captured by CipherCloud can be easily exported to a range of report formats.
CipherCloud gives you a control point for corporate data going to and from the cloud. All your users—internal, remote, or mobile—can seamlessly access Salesforce and Salesforce Chatter, while enabling you to enforce your company’s security policies.
CipherCloud Data Protection provides FIPS 140-2 validated encryption or tokenization for data before the data goes to the cloud.
Malware detection is also available as an added safeguard, scanning your data for threats before it goes into Salesforce. High-performance scanning engines detect the latest threats (viruses, spyware, network worms, Trojans, bots, rootkits, and more) and clean or quarantine infected content on-the-fly, without adding noticeable latency.
CipherCloud also provides tokenization to meet the most stringent data residency requirements. With tokenization, randomly generated values are substituted for the original data, which does not leave the enterprise. The original data and mappings for the tokens are stored locally in a JDBC-compliant database.
Only your authorized users have access to protected data in Salesforce. Unauthorized users will only see indecipherable codes.
Granular controls let you select protection options on a field-by-field basis for structured or free-form Salesforce data. CipherCloud offers multiple strong encryption options that preserve formats, partial field encryption, and Searchable Strong Encryption (SSE). You can mix and match encryption or tokenization methods to meet your specific data protection requirements.
CipherCloud’s patented technology enables you to retain the format and functioning of Salesforce, even when data is encrypted or tokenized. This enables your Salesforce users to search, sort, and report on protected data in Salesforce.
No protection solution is complete without ongoing usage and activity monitoring. The Activity Monitoring and Anomaly Detection modules provide you with the tools to quickly and effectively respond to security events or policy violations.
The interactive dashboard provides complete visibility into ongoing user activity, along with anomaly detection that can help you identify system misuse in real-time. Events are monitored against historic usage patterns, identifying anomalous behaviors that could be a sign of malicious use or an account breach.
You can easily configure thresholds and dashboard alerts on any unusual user activity that might indicate problems. This includes activity such as excessive downloads, after-hours activity, or unauthorized access to sensitive content. Thresholds can be automatically or manually configured to minimize false positives.
CipherCloud for Salesforce includes deep integration with Chatter, providing Cloud DLP, encryption, tokenization, and activity monitoring for unstructured Chatter posts and file attachments. The solution provides seamless support for Chatter # tags and @ mentions, maintaining the searchability of encrypted Chatter posts.
CipherCloud works with the entire Salesforce Platform, providing deep integration with popular Salesforce products including Sales Cloud, Service Cloud, Marketing Cloud and Chatter. In addition, the CipherCloud Extensible Platform can support any type of custom application built on the Salesforce1 Platform, as well as a wide range of third-party applications available on the AppExchange ecosystem.
CipherCloud for Salesforce is typically deployed as an in-line solution between users and Salesforce. Acting as a gateway, CipherCloud for Salesforce is positioned to transparently inspect data and apply data protection policies before the data goes to Salesforce. Designed for high-performance and availability, the CipherCloud for Salesforce gateway adds virtually zero latency, maintaining the normal Salesforce user experience. CipherCloud for Salesforce integrates with your existing single sign-on tools and, with only a simple URL redirect required, your users can access Salesforce as usual and without change to the user experience.
Because of the in-line architecture, CipherCloud for Salesforce is able to monitor and analyze Salesforce content and all user activity. Deeply integrated with Salesforce, the solution is aware of all your Salesforce data fields, enabling it to scan and analyze data entered into Salesforce, both through the CipherCloud gateway and out of band.