Act on Data Policy Scan Results
After you've reviewed the Data Detect scan policy results, use them to bolster your data security and privacy strategy, especially with specific fields that have excessively sensitive data.
Required Editions
| Available in: Lightning Experience |
| Available in: Enterprise, Performance, Unlimited, and Developer editions with the Salesforce Shield or Data Detect Licenses. |
Take Action on your Scanned Data Results
After Data Detect helps you identify sensitive data, use other Salesforce Trusted Services products or solutions to enhance your organization’s data security.
Classifying Sensitive Data
Update the data sensitivity classification and compliance categorization of fields that contain sensitive data. Apply data classification labels to fields you've identified as containing sensitive data. Examine relevant processes and procedures to identify what your team needs to know about handling sensitive data. Or help your customers understand how to manage sensitive data.
Use Encryption to Protect Sensitive Data
Using encryption protects sensitive data from unauthorized access. Revisit encryption policies for your organization by applying Database Encryption for your transaction database or apply Field-Level encryption for fields with identified sensitive data. Enable Shield Platform Encryption to encrypt the sensitive fields you have identified
Safeguarding Data
If your organization needs strict data protection requirements, there are different ways of limiting access that provide an extra layer of security.
- Transaction Security policies: Consider creating or updating your transaction policies to handle fields with sensitive data. For example, prevent exporting fields with sensitive data from reports. This is part of Event Monitoring.
- Masking : Consider masking fields with sensitive data within both Production (with Privacy Center) and Sandbox environments (with Data Mask). Keep in mind that masking fields is a permanent action, so you can't restore their original values.
- Access permissions : Review access controls and permissions to fields with sensitive data with the Control Who Sees What Explorer in Security Center. This makes sure that users only access the data they need to do their job.
- If it’s no longer needed, delete identified sensitive data from the record.
Audit Changes to Sensitive Data
Auditing helps maintain a comprehensive historical record of field changes and establishes data integrity and compliance with industry standards. Regularly monitor Setup Audit Trail for any setup or key encryption. Revisit the field history retention for fields with frequent instances of sensitive data with Field Audit Trail. Set up Field Audit Trail to track changes to these sensitive fields.
Event Monitoring
Event Monitoring supports compliance by providing detailed audit trails required by industry regulations. And it enhances security by tracking user activity, which allows for the identification of suspicious behavior like unauthorized access or data exports, thus preventing breaches.
