#forcewebinar
Encrypt Sensitive Data
while Preserving Platform Functionality
July 7, 2015
#forcewebinar
Safe Harbor
Safe harbor statement under the Private Securities Litigation Reform Act of 1995:
This presentation may contain forward-looking statements that involve risks, uncertainties, and assumptions. If any such uncertainties materialize or if
any of the assumptions proves incorrect, the results of salesforce.com, inc. could differ materially from the results expressed or implied by the forward-
looking statements we make. All statements other than statements of historical fact could be deemed forward-looking, including any projections of
product or service availability, subscriber growth, earnings, revenues, or other financial items and any statements regarding strategies or plans of
management for future operations, statements of belief, any statements concerning new, planned, or upgraded services or technology developments
and customer contracts or use of our services.
The risks and uncertainties referred to above include – but are not limited to – risks associated with developing and delivering new functionality for our
service, new products and services, our new business model, our past operating losses, possible fluctuations in our operating results and rate of
growth, interruptions or delays in our Web hosting, breach of our security measures, the outcome of any litigation, risks associated with completed and
any possible mergers and acquisitions, the immature market in which we operate, our relatively limited operating history, our ability to expand, retain,
and motivate our employees and manage our growth, new releases of our service and successful customer deployment, our limited history reselling
non-salesforce.com products, and utilization and selling to larger enterprise customers. Further information on potential factors that could affect the
financial results of salesforce.com, inc. is included in our annual report on Form 10-K for the most recent fiscal year and in our quarterly report on
Form 10-Q for the most recent fiscal quarter. These documents and others containing important disclosures are available on the SEC Filings section of
the Investor Information section of our Web site.
Any unreleased services or features referenced in this or other presentations, press releases or public statements are not currently available and may
not be delivered on time or at all. Customers who purchase our services should make the purchase decisions based upon features that are currently
available. Salesforce.com, inc. assumes no obligation and does not intend to update these forward-looking statements.
#forcewebinar#forcewebinar
Speakers
Peter Chittum
Developer Evangelist
@pchittum
github.com/pchittum
Assaf Ben-Gur
Senior Product Manager
@assafbengur
#forcewebinar
Go Social!
This webinar is being recorded!
The video will be posted to YouTube & the webinar recap page (same URL as registration).
Salesforce Developers / +Salesforce Developers
@salesforcedevs / #forcewebinar
#forcewebinar
Have Questions?
▪ Don’t wait until the end to ask your question!
– Technical support will answer questions starting now.
▪ Respect Q&A etiquette
– Please don’t repeat questions. The support team is working their way down the queue.
▪ Stick around for live Q&A at the end
– Speakers will tackle more questions at the end, time allowing.
▪ Head to Developer Forums
– More questions? Visit developer.salesforce.com/forums
#forcewebinar
Agenda
▪ Overview of Platform Encryption
▪ Platform Encryption Architecture
▪ Setting Up Platform Encryption
▪ Platform Encryption and Development
#forcewebinar
Introducing: Salesforce Shield
New services to help you build trusted apps fast
▪ Salesforce Shield: Platform Encryption, Event Monitoring, Field Audit Trail
▪ Service layers: Infrastructure Services, Network Services, Application Services
▪ Existing services shown in the diagram: Secure Data Centers, Backup and Disaster Recovery, HTTPS Encryption, Penetration Testing, Advanced Threat Detection, Identity & Single Sign On, Two Factor Authentication, User Roles & Permissions, Field & Row Level Security, Secure Firewalls, Real-time replication, Password Policies, Third Party Certifications, IP Login Restrictions, Customer Audits
#forcewebinar
Encrypt Sensitive Data, Preserving Business Functionality
▪ Seamlessly protect data at rest
– Encrypt standard & custom fields, files & attachments
▪ Natively integrated with key Salesforce features
– E.g., Search, Chatter, Lookups work with encrypted data
▪ Customer managed keys
– Customer-driven encryption key lifecycle management
#forcewebinar
Encryption
Authentication & SSO
Two factor Auth
Profiles/Permissions
Sharing & FLS
Setup Audit Trail
Field History Tracking
Event Monitoring
Identity
Encryption
#forcewebinar
Platform Encryption Use Cases
▪ Regulatory Compliance
▪ Unauthorized Access to Database
▪ Contractual Obligations
#forcewebinar
Platform Encryption is Not
▪ Sharing Model
▪ Object/Field Level Security
▪ Data Residency Solution
▪ Encryption for Other Non-Salesforce Data
▪ Protection against User Credential Compromise
trust.salesforce.com
#forcewebinar
Platform Encryption Features
▪ Privileged Users
▪ Encrypt data “at rest”
▪ Encrypt Fields and Files
▪ Granular Control of Encrypted Data
▪ Customer Key Lifecycle Ownership
▪ Config and Maintenance is Point and Click
▪ Support for API and coding on the platform
#forcewebinar
Users
#forcewebinar
Encrypt at Rest: Fields
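[Diagram: the Encryption Service sits between the value users see, "Name: Darla Hood", and the value stored at rest, "Name: aI90xi60csICOdk"; the slide also shows "Darla Hood" next to a masked "***********".]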
#forcewebinar
Encrypt at Rest: Files
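[Diagram: a file containing "Lorem ipsum dolor" passes through the Encryption Service and is stored as ciphertext ("Xvier0c 9ghcru cjf4x21f fdqbB"); the readable "Lorem ipsum dolor" appears again on the other side.]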
#forcewebinar
Granular Control: Fields
▪ Individual Fields
– Text
– Text Area Long
– Email
– Phone
– URL
– Some Standard Fields
▪ Enabled with flag
#forcewebinar
Granular Control: Files
▪ Files enabled separately
– Attachments
– Chatter
– Files
– Libraries
▪ All or none
#forcewebinar
Encryption Key
▪ Master Secret (Salesforce)
– Rotated each release
– Stored in the Key Derivation Servers
▪ Tenant Secret (Customer)
– Can be Rotated once per day in Prod
– Stored encrypted in DB
▪ Data Encryption Key
– Derived from Secrets
– Stored in cache
#forcewebinar
Features and Support
▪ GA Summer 15
▪ Feature License Required
▪ Support for
– Global Search
– Lookups
– Workflow
– Approval Processes
– Validation Rules
#forcewebinar
Agenda
▪ Overview of Platform Encryption
▪ Platform Encryption Architecture
▪ Setting Up Platform Encryption
▪ Platform Encryption and Development
#forcewebinar
Architecture Overview
Encryption Service
Hardware Security Modules
Key Derivation
• Standards based encryption built natively into the Salesforce Platform
• AES encryption using 256-bit keys in CBC mode and random IV
• Data encryption and decryption actions are transparent
• Layers seamlessly with other Salesforce security features
• Hardware Security Module based key management infrastructure
• FIPS 140-2 compliant HW
• Master HSM
• Key Derivation Servers with embedded HSM card
• Multi-tenant, org-specific key management
• Customer driven key lifecycle management
• Uses PBKDF2 HMAC with SHA256
• Derive secure 256-bit keys that are never persisted in Salesforce
#forcewebinar
Encryption Architecture & Process Overview
1. Data is sent to the application server.
2. The application server checks if the Data Encryption Key exists in memory.
3. a) If the data encryption key is found in the cache, the application server retrieves it.
   b) If the data encryption key is not found, the application server reads the organization's encrypted active tenant secret from the database and requests a key from the Key Derivation Server.
4. The encryption service encrypts the data on the application server.
5. The encrypted data is stored.
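The key hierarchy from the "Encryption Key" slide and the cache-miss path in steps 2 and 3 above, modelled as an added Python example (not Salesforce code; the AES step is left out). The slides do not say how the two secrets are combined, so using the master secret as the PBKDF2 password and the tenant secret as the salt is an assumption, as are the iteration count, the class and method names, the versioned secret store and its `destroy` operation.

```python
import hashlib
import os

KEY_LEN = 32          # 256-bit data encryption key, as on the slide
ITERATIONS = 10_000   # constructed value; the slides give no iteration count


class KeyDerivationServer:
    """Holds the master secret and only ever returns derived keys."""

    def __init__(self, master_secret: bytes):
        self._master_secret = master_secret

    def derive(self, tenant_secret: bytes) -> bytes:
        # Assumption: master secret as PBKDF2 password, tenant secret as salt.
        return hashlib.pbkdf2_hmac("sha256", self._master_secret,
                                   tenant_secret, ITERATIONS, dklen=KEY_LEN)


class TenantSecretStore:
    """Stand-in for the database rows holding each org's tenant secrets.

    The slides say these are stored encrypted; raw bytes keep the model short.
    """

    def __init__(self):
        self._rows = {}  # org_id -> {version: secret bytes, or None if destroyed}

    def rotate(self, org_id: str) -> int:
        versions = self._rows.setdefault(org_id, {})
        version = len(versions) + 1
        versions[version] = os.urandom(32)
        return version

    def active_version(self, org_id: str) -> int:
        return max(self._rows[org_id])

    def read(self, org_id: str, version: int) -> bytes:
        secret = self._rows[org_id][version]
        if secret is None:
            raise LookupError(f"tenant secret v{version} was destroyed")
        return secret

    def destroy(self, org_id: str, version: int) -> None:
        self._rows[org_id][version] = None


class ApplicationServer:
    def __init__(self, kds: KeyDerivationServer, store: TenantSecretStore):
        self._kds = kds
        self._store = store
        self._cache = {}      # (org_id, version) -> key, held in memory only
        self.derivations = 0  # how often the key derivation server was asked

    def data_encryption_key(self, org_id: str, version: int = None):
        """Return (version, key), following steps 2 and 3 of the process."""
        if version is None:
            version = self._store.active_version(org_id)
        key = self._cache.get((org_id, version))
        if key is None:  # step 3b: cache miss, derive from the tenant secret
            tenant_secret = self._store.read(org_id, version)
            key = self._kds.derive(tenant_secret)
            self.derivations += 1
            self._cache[(org_id, version)] = key
        return version, key

    def flush_cache(self) -> None:
        self._cache.clear()


def demo() -> dict:
    kds = KeyDerivationServer(master_secret=os.urandom(32))
    store = TenantSecretStore()
    app = ApplicationServer(kds, store)
    org = "constructed-org-id"

    v1 = store.rotate(org)                       # customer generates a secret
    _, first = app.data_encryption_key(org)      # miss: derived via the KDS
    _, second = app.data_encryption_key(org)     # hit: served from the cache
    derivations_after_two_reads = app.derivations

    store.rotate(org)                            # customer rotates the secret
    active, new_key = app.data_encryption_key(org)

    # The derived key is never persisted: once the old secret is gone and the
    # cache is empty, data encrypted under it cannot be decrypted again.
    store.destroy(org, v1)
    app.flush_cache()
    try:
        app.data_encryption_key(org, v1)
        old_key_recoverable = True
    except LookupError:
        old_key_recoverable = False

    return {
        "key_len": len(first),
        "cache_hit_same_key": first == second,
        "derivations_after_two_reads": derivations_after_two_reads,
        "active_version": active,
        "rotation_changes_key": new_key != first,
        "old_key_recoverable": old_key_recoverable,
    }


if __name__ == "__main__":
    print(demo())
```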
#forcewebinar
Global Availability
San Jose
Chicago
London Tokyo
Washington
ASG
Coming Late 2015
#forcewebinar
Agenda
▪ Overview of Platform Encryption
▪ Platform Encryption Architecture
▪ Setting Up Platform Encryption
▪ Platform Encryption and Development
#forcewebinar
Demo
▪ Setup Encryption
– Enable Users
– Generate Key
– Select Fields/Files
– Manage Keys
#forcewebinar
Agenda
▪ Overview of Platform Encryption
▪ Platform Encryption Architecture
▪ Setting Up Platform Encryption
▪ Platform Encryption and Development
#forcewebinar
Demo
▪ TenantSecret sObject
▪ API and Integration
– REST and SOAP Support
▪ Coding and Encryption
– SOSL
– Solving Sorting in Apex
– Apex and Key Rotation
#forcewebinar
Some Considerations
▪ Limitations
– Sharing Rules
– Person Accounts (Roadmap)
– SOQL and List Filters
– Formula Fields
– Communities and Portals
– Other Features
▪ Integration could be affected
#forcewebinar
Roadmap (Safe Harbor)
▪ Support additional standard/custom fields and other content encryption (Person Account std fields, Case Subject, Description and Case Comments, Text Area custom field type etc.)
▪ Make additional features encryption-aware and preserve more functionality (Search via S1 mobile devices, Communities etc.)
▪ Build additional key management tooling (Customer supplied keys, Key Brokering etc.)
#forcewebinar
Resources
▪ Intro to Platform Encryption
▪ Release Notes
▪ Whitepaper
▪ Best Practices
▪ Classic Encrypted Custom Fields vs Platform Encryption
▪ TenantSecret (SOAP API)
▪ Field MDAPI (Encrypted bit)
▪ Considerations
▪ Summer '15 Webinar + Demo (15min)
#forcewebinar
Read the Docs
#forcewebinar
Plan
#forcewebinar
Back Up Your Secret
#forcewebinar
Signing up for Developer
Org in EMEA
developer.salesforce.com/signup
Choose United States as country
#forcewebinar#forcewebinar
Q & A
Peter Chittum
Developer Evangelist
@pchittum
github.com/pchittum
Assaf Ben-Gur
Senior Product Manager
@assafbengur
github.com/pchittum/platform-encryption-webinar
#forcewebinar#forcewebinar
Survey
Your feedback is crucial to the success
of our webinar programs. Thank you!
http://bit.ly/1JJVGxX
#forcewebinar
Thank you
