Question
How do I restrict access to data with classification ratings of moderate or high confidentiality in Salesforce?
For example, Utility bills with account numbers, loan numbers, driver’s licenses, etc.
Answer
- Work with Data Governance and the Salesforce team to identify data and attachments with classification ratings of moderate or high confidentiality.
- As it relates to network and data transmission, Salesforce encrypts information between Salesforce and the customer, and between the primary and disaster recovery data centers. Customer Data is processed and stored solely within the continental U.S., operated and supported by screened U.S. citizens as applicable. Data is protected in-transit and at-rest with FIPS 140-2 validated encryption. For data, there are encryption options built into Salesforce, Classic Encryption that provides the ability to create specific encrypted fields on an object.
- Access is restricted by permission sets that enable only authorized users to access those fields.
- Data with a classification rating of high confidentiality (SSN and bank account numbers) information on attachments should be redacted if the information is not required.
Overview
Content Tools