Lightning Sync Connection Security

Salesforce takes your data security seriously. Lightning Sync leverages standard Salesforce security measures when establishing a connection with your email service.

Lightning Sync establishes a connection with your email service when you set up the product. When establishing a connection, Salesforce verifies the authenticity of your Microsoft or Google service with a security certificate that meets our certificate standards.

• Microsoft® Office 365® and Google G Suite automatically provide certificates that comply.
• Microsoft Exchange 2019, 2016, and 2013 customers are required to configure a certificate signed by one of the Salesforce-Approved certificate authorities.

After the connection is established, Lightning Sync transfers contact and event data between servers. Individual users aren’t required to log in to sync.

To avoid the possibility of interception, Salesforce uses TLS technology to protect transferred data. Upon authorization of each transaction, Salesforce requires the TLS configuration from the data received to meet Salesforce TLS security requirements before granting access.