You Just Bought Shield: Now What? A Salesforce Shield Implementation Guide for Admins
Now that you’ve chosen Salesforce Shield – a set of point-and-click tools for maximizing your Salesforce security, meeting regulatory compliance, improving CRM usage and adoption, and safeguarding your mission-critical data – you’re ready to start leveraging its powerful abilities. This Salesforce Shield implementation guide will walk you through the setup process, ensuring you get the most out of your new security and compliance tool.
The components of Salesforce Shield: a trio for security excellence
Salesforce Shield is a security suite made up of three components: Platform Encryption, Event Monitoring, and Field Audit Trail.
- Platform Encryption – natively encrypts your sensitive data at rest across all Salesforce apps without disturbing your workflow. With this tool, you can safeguard PII, PHI, financial, and other sensitive information.
- Event Monitoring – provides access to user activity event log files that detail exactly which users performed what actions at what time and from what IP address. This tool enables you to obtain in-depth security, performance, compliance, and usage information on all Salesforce apps. Event Monitoring currently captures more than 40 different types of event log files, including logins, logouts, and report exports. You can easily import the data from this tool into a user activity monitoring data visualization tool for further insights and easy-to-read dashboards.
- Field Audit Trail – shares the state and value of your data, whether past or present. This tool assists with regulatory compliance, auditing, internal governance, and even customer service. Field Audit Trail extends back as far as ten years, providing you with a lengthy data history for reference.
By enabling these three powerful tools in your Salesforce instance, you’re creating a more secure environment for your sensitive data. But Shield goes beyond just simple security – with Event Monitoring and Field Audit Trail, you can boost your monitoring capabilities and data retention policies for detailed performance and usage data. You also have the power to perform forensic investigations into past and present user activities in real time.
Getting started with Salesforce Shield
To begin utilizing Shield, contact your Salesforce account executive – they’ll help determine if you meet the technical requirements for the product and then discuss a plan of action to supplement this Salesforce Shield implementation guide. For most admins, once you provision your license, Salesforce will enable Shield, allowing you to designate permissions.
Assigning permissions is critical because not all users should have the same level of access to information. While admins may be able to modify, view, and manage fields and settings, basic end users should not have the same ability – with unlimited permissions, an end user may accidentally or intentionally change settings and gain access to data they shouldn’t be able to see or edit. Permission-setting is an essential first step to take after obtaining Shield.
Setting up and deploying Platform Encryption
- Identify your encryption needs. Before you can start encrypting your sensitive data, you must define threat vectors and classify your data. As a best practice, it’s vital to identify “must encrypt” data rather than encrypting everything because the encryption process can create a slowdown in your Salesforce instance, affecting the usage of the platform.
- Enable field-level encryption. Once you identify your encryption needs and enable Shield, you must assign permissions to authorized users. Then, apply the encryption to the selected data or elements and begin testing business processes with the defined encryption policies. For best practices, Salesforce recommends that admins test Platform Encryption in your sandbox before deploying it fully.
- Outline key management strategy. Encryption requires keys – and you don’t want more users to have the keys than necessary – so identify who can manage them in your organization. Then, develop a procedure for backing up, changing, and retiring keys to close any encryption security gaps.
- Continuously manage your organization’s encryption policy. Stay on top of your key management program, back up your data regularly, review your policies and procedures as your data increases, and continuously audit the application of encryption to necessary data.
Onboarding and using Event Monitoring
- Start capturing read-only event log files. As soon as Salesforce Shield Event Monitoring is enabled in your Salesforce org, data will start accumulating. The event log files Event Monitoring captures and delivers to you in the form of audit logs provide granular details about what users are doing to data, when, and from where.
- Import log file data into a visualization tool. You can download the event log information every day as a CSV file that will be available to you for 30 days. To understand what the event log data means, import it into a visualization tool for clear insights and actionable information. Einstein Analytics comes included with Event Monitoring, although some admins prefer to use other visualization tools for more in-depth, granular details.
- Set up transactional security policies. With transaction security, you can receive real-time alerts for specific events that occur in your Salesforce instance. But to receive alerts, you’ll first need to outline policies and thresholds. An example policy may be to receive alerts if any user exports more than 10,000 rows of data in 24 hours.
- Utilize the insights from monitoring to take action. Once you can visualize the activities in your instance through Event Monitoring, you can then identify any security gaps that need closing. Use the insights to strengthen security policies, audit access controls, enforce procedures, and modify governance policies. You can develop adoption programs to enhance Salesforce usage, automate workflows, and improve app performance with the data as well.
Using Event Monitoring is imperative because one in three data breaches is caused by an insider threat, which you can mitigate through proper monitoring and detection tools.
Enabling and getting started with Field Audit Trail
- Identify your retention and audit period. Before utilizing Field Audit Trail, you’ll need to define your organization’s retention period per object basis and any regulatory guidelines that you must follow. Some regulations require multiple years of history for compliance, and Field Audit Trail offers as much as ten years of history.
- Define retention policies and automate field retention. By outlining what field and objects you want to retain as well as when and how long you want to archive that information, you’re well on your way to automating snapshots of the full lifecycle of your data.
- Develop practices for obtaining and auditing data. Once your policies are in place, you can set up an audit dashboard, define standard queries, provide access to auditors with permission settings, and obtain insights.
Grab your Salesforce Shield and start securing your sensitive Salesforce data today
If you have more organization-specific questions about how your company can utilize the power of Salesforce Shield, reach out to your Salesforce account executive for more information. They’ll be able to share product information, pricing, and implementation tailored to your organization’s and Salesforce usage. If you can’t wait to start, familiarize yourself with your organization’s current Salesforce security tools, policies, and requirements. By reviewing the state of your security posture, you can identify your needs and prepare for the implementation of Shield. To begin Salesforce’s Trailhead experience in preparation for your Shield onboarding, visit the trail hub: Secure Your Apps with Salesforce Shield.