Encrypting data in salesforce sept2014-final
-
Upload
chris-hines -
Category
Technology
-
view
451 -
download
2
description
Transcript of Encrypting data in salesforce sept2014-final
![Page 1: Encrypting data in salesforce sept2014-final](https://reader035.fdocuments.net/reader035/viewer/2022062706/557ad237d8b42a0b188b50a1/html5/thumbnails/1.jpg)
Security & Compliance on Salesforce.com
Practical Advice for the Financial Services Industry
Zahid AfzalCIO/COOCapital Bank
Rich CampagnaVP, ProductsBitglass
![Page 2: Encrypting data in salesforce sept2014-final](https://reader035.fdocuments.net/reader035/viewer/2022062706/557ad237d8b42a0b188b50a1/html5/thumbnails/2.jpg)
Malware Stealing Salesforce Data ● Sep 8 2014, Dyre Malware captures user credentials & data
Gramm-Leach-Bliley Act (GLBA) ● Financial institutions must protect their customers’ non-public personally
identifiable information (PII).
Federal Financial Institutions Examination Council (FFIEC)● Financial institutions should employ encryption to mitigate the risk of
disclosure or alteration of sensitive information in storage and transit. ● Encryption strength sufficient to protect the information from
disclosure until such time as disclosure poses no material risk,● Effective key management practices,● Robust reliability, and● Appropriate protection of the encrypted communication endpoints.
Security & Compliance in the Cloud
Refs: GLBA - http://www.business.ftc.gov/, FFIEC - http://ffiec.gov
![Page 3: Encrypting data in salesforce sept2014-final](https://reader035.fdocuments.net/reader035/viewer/2022062706/557ad237d8b42a0b188b50a1/html5/thumbnails/3.jpg)
• Business Goals• Agile response to customer
• Unified view of data from 16 business segments
• Grow customer relationships
• Targeted data for sales, service and marketing
● Business Solution● Enterprise wide sales and service realignment
● Move from sales playbook to relationship playbook
● IT Solution: Salesforce.com for CRM
Case Study
![Page 4: Encrypting data in salesforce sept2014-final](https://reader035.fdocuments.net/reader035/viewer/2022062706/557ad237d8b42a0b188b50a1/html5/thumbnails/4.jpg)
1. Adopt Salesforce “as-is.”
2. Leverage special on-premises database option.
3. Encrypt data in Salesforce with a cloud
encryption gateway.
Available Options
![Page 5: Encrypting data in salesforce sept2014-final](https://reader035.fdocuments.net/reader035/viewer/2022062706/557ad237d8b42a0b188b50a1/html5/thumbnails/5.jpg)
● Pros
• Easier migration
• Cost effective
● Cons
• Risks compliance
• Limited visibility
• Data stored in the cloud
Adopting Salesforce “As Is”
![Page 6: Encrypting data in salesforce sept2014-final](https://reader035.fdocuments.net/reader035/viewer/2022062706/557ad237d8b42a0b188b50a1/html5/thumbnails/6.jpg)
● Pros
• Full control over data
• Compliance and security
Cons
• Custom development, installation and
maintenance
• Potential response time issues
• Higher cost
On-Premise Database for Salesforce
![Page 7: Encrypting data in salesforce sept2014-final](https://reader035.fdocuments.net/reader035/viewer/2022062706/557ad237d8b42a0b188b50a1/html5/thumbnails/7.jpg)
● Pros
• Full control over data
• Compliance and security
• Cost effective
● Cons
• First-gen solutions offered weak encryption
Employ a Cloud Encryption Gateway
![Page 8: Encrypting data in salesforce sept2014-final](https://reader035.fdocuments.net/reader035/viewer/2022062706/557ad237d8b42a0b188b50a1/html5/thumbnails/8.jpg)
Fast-forward to today
![Page 9: Encrypting data in salesforce sept2014-final](https://reader035.fdocuments.net/reader035/viewer/2022062706/557ad237d8b42a0b188b50a1/html5/thumbnails/9.jpg)
© 2014 Bitglass – Confidential: Do Not Distribute
Bitglass Cloud Encryption Gateway
Local Employees
Corporate Office
BYODRemote Employees
Public-Cloud App + Private-Cloud Data● Unlimited mobility - any device, anywhere
● Encrypted data stored in private cloud
![Page 10: Encrypting data in salesforce sept2014-final](https://reader035.fdocuments.net/reader035/viewer/2022062706/557ad237d8b42a0b188b50a1/html5/thumbnails/10.jpg)
© 2014 Bitglass – Confidential: Do Not Distribute
Bitglass Cloud Encryption Technology
● AJAX VM tech robust to application updates
● Ease-of-management, one-click setup
● True encryption: AES-256 + 256-bit initialization
● Sort, search, auto-complete, wild-card…
● Validated by top crypto experts
• Taher Elgamal, CTO Security, Salesforce.com
• Marty Hellman, Professor, Stanford University
*Patents pending
![Page 11: Encrypting data in salesforce sept2014-final](https://reader035.fdocuments.net/reader035/viewer/2022062706/557ad237d8b42a0b188b50a1/html5/thumbnails/11.jpg)
© 2014 Bitglass – Confidential: Do Not Distribute
Total Data Protection
SSN → LZKAFDKLZ
Visibility, AlertsAccess ControlDLPNo software, any device30 min deployment
In the Cloud
At Access
On the DeviceClientless Selective WipeDevice Security PoliciesFile EncryptionWatermarking/Data TrackingNo software, any device30 min deployment
Full strength AES-256Searchable, sortableReviewed by security expertsNo software, any device30 min deployment
![Page 13: Encrypting data in salesforce sept2014-final](https://reader035.fdocuments.net/reader035/viewer/2022062706/557ad237d8b42a0b188b50a1/html5/thumbnails/13.jpg)
www.bitglass.com
Thank You!