Platform Encryption in Salesforce
For security control, Salesforce offers an out-of-the-box feature called Platform Encryption. It provides an advanced level of security for data across the organization. Platform Encryption fits into the data sharing model as a business solution. The security model covers files, attachments, and standard and custom field values, under certain conditions.
Based on purpose, encryption can be classified into two types:
1. Classic Encryption – A special type that encrypts custom text fields.
2. Platform Encryption – Encrypts a larger set of standard fields, along with some custom fields, as well as various types of files and attachments.
Let us see the overview and built-in functionality of Platform Encryption.
Encrypted Standard Fields
Platform Encryption supports the following standard objects, with these specific fields.
Account
1. Account Name
2. Phone
3. Fax
4. Website
5. Description
Contact
1. Name (First Name, Middle Name, Last Name)
2. Mailing Address
3. Phone
4. Fax
5. Mobile
6. Home Phone
7. Other Phone
8. Email
9. Description
Case
1. Subject
2. Description
Case Comment
1. Body
Encrypted Custom Fields
The following custom field types can be encrypted.
1. Email
2. Phone
3. Text Type (Text, Text Area & Text Area (Long))
4. URL
Note:
1. Custom Email field values are limited to 70 characters that include only non-ASCII characters.
2. Custom Phone field values are limited to 22 characters that include only non-ASCII characters.
3. Encrypted custom fields can’t be used in custom formula fields or criteria-based sharing rules.
4. Encrypted fields can’t be created using the Schema Builder.
5. The following custom fields can’t be encrypted:
   1. External data objects
   2. Custom formula fields
   3. Unique (or) External ID attributes
Encrypt Files and Attachments
When Platform Encryption is enabled in your organization, the body of each file and attachment is encrypted before it is uploaded, within certain limits.
Encryption is supported for the following types of files/attachments:
1. Records
2. Chatter posts & comments
3. Feeds
4. Content
5. Libraries
6. Salesforce Files Sync
7. Body of notes using the new Notes tool
Encryption is not supported for the following file types/attachments:
1. Documents
2. Chatter group photos
3. Chatter profile photos
4. Body of notes using the old Notes tool
Below are the user permissions required for Platform Encryption setup.
1. View data in encrypted fields
2. View Platform Encryption Setup Page
3. Edit Platform Encryption Setup page, excluding key management
4. Generate, destroy, export and import tenant secrets
5. Query Tenant Secret object via the API
Considerations for Platform Encryption
1. Encrypted fields can’t be used in the following conditions:
   - Matching rules in Duplicate Management
   - Criteria-based sharing rules
   - External lookup relationship fields
   - Filter criteria in data management tools
   - Salesforce1 mobile app
   - Live Agent chat transcripts, which are not encrypted at rest
2. Report & Dashboard components are not displayed.
3. Page layout & List view are not supported.
4. Campaign member doesn’t support the encrypted field search.
5. Encrypted fields can’t be used in SOQL & SOSL clauses such as WHERE, GROUP BY & ORDER BY.
6. Encrypted fields can’t be used in aggregate functions such as Max(), Min() & Count().
7. The body of files/attachments can be encrypted with the new Notes tool, but not with the old Notes tool.
8. Encrypted field values are included in email templates. When the standard Email field is encrypted, Email to Salesforce can’t receive inbound emails.
9. When Person Accounts are enabled, the following Account fields can be encrypted. The same applies to Contact fields.
   1. Name
   2. Description
   3. Phone
   4. Fax
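The SOQL clause and aggregate-function restrictions in items 5 and 6 can be checked against existing queries before encryption is switched on. The Python code below is an added example, not code from the original article or from Salesforce: it flags encrypted fields used in WHERE, GROUP BY, ORDER BY or Max()/Min()/Count(). The field inventory and function names are assumptions, and the regex matching is a heuristic rather than a full SOQL parser.

```python
import re

# Assumed inventory of encrypted fields per object (constructed for this example,
# using standard fields the page lists as encryptable).
ENCRYPTED = {
    "account": {"name", "phone", "fax", "website", "description"},
    "contact": {"email", "phone", "fax", "description"},
    "case": {"subject", "description"},
}
BLOCKED_CLAUSES = {"WHERE", "GROUP BY", "ORDER BY"}

STRING_RE = re.compile(r"'(?:\\.|[^'\\])*'")
FROM_RE = re.compile(r"\bFROM\s+(\w+)", re.I)
CLAUSE_RE = re.compile(r"\b(WHERE|GROUP\s+BY|ORDER\s+BY|HAVING|LIMIT|OFFSET)\b", re.I)
AGGREGATE_RE = re.compile(r"\b(MAX|MIN|COUNT)\s*\(\s*([\w.]+)\s*\)", re.I)
IDENT_RE = re.compile(r"[A-Za-z_][\w.]*")


def _encrypted_ref(ident, base_object, inventory):
    """Return 'object.field' if ident names an encrypted field, else None."""
    parts = ident.lower().split(".")
    # A dotted path such as Account.Name is resolved against its parent
    # relationship, assumed here to share the parent object's name.
    obj = parts[-2] if len(parts) > 1 else base_object
    return f"{obj}.{parts[-1]}" if parts[-1] in inventory.get(obj, ()) else None


def find_violations(soql, inventory=ENCRYPTED):
    """Heuristic check: list (location, field) uses that the restrictions forbid."""
    text = STRING_RE.sub("''", soql)  # literals must not be read as field names
    match = FROM_RE.search(text)
    base = match.group(1).lower() if match else ""
    found = set()
    for func, ident in AGGREGATE_RE.findall(text):
        ref = _encrypted_ref(ident, base, inventory)
        if ref:
            found.add((func.upper() + "()", ref))
    pieces = CLAUSE_RE.split(text)  # [select part, keyword, body, keyword, body, ...]
    for keyword, body in zip(pieces[1::2], pieces[2::2]):
        clause = " ".join(keyword.upper().split())
        if clause not in BLOCKED_CLAUSES:
            continue
        for ident in IDENT_RE.findall(body):
            ref = _encrypted_ref(ident, base, inventory)
            if ref:
                found.add((clause, ref))
    return sorted(found)
```

Selecting an encrypted field in the SELECT list is not flagged, since the restrictions above only concern filtering, grouping, ordering and aggregation.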
Limitations of Platform Encryption
The following applications and features currently don’t support data that is encrypted at rest:
1. Chatter Desktop
2. Connect Offline
3. Pardot
4. Data.com
5. Work.com
6. Visual Workflows
7. Process Builder
8. Flows
9. Salesforce to Salesforce
10. Salesforce for Outlook
11. Salesforce Classic
12. Lightning Components
13. Salesforce IQ
14. Wave
15. Exact Target
16. Exchange Sync
17. Organization Sync
18. Partner portals, Customer portals & Self-Service portals
- Live Agent chat transcripts can’t be encrypted at rest.
- Web-to-Case is supported, but the Web Company, Web Email, Web Name and Web Phone fields are not encrypted at rest.
Reference Link:
https://releasenotes.docs.salesforce.com/en-us/spring16/release-notes/rn_security_pe.htm