For Data 360, you upload a root key to Salesforce. Data 360 uses the root key for
securing the data encryption key that encrypts and decrypts all Data Cloud data stores, including
Data 360's own vector-based search. This root key is only used for Data 360.
Required Editions
Available in both Salesforce Classic (not available in all orgs) and Lightning
Experience.
Available in: Enterprise, Performance, and Unlimited
Editions with the Salesforce Shield or Shield Platform Encryption licenses.
Available for free in Developer Edition.
User
Permissions Needed
To generate, destroy, export, import, upload, and configure key
material:
Manage Encryption Keys
To view and edit Setup:
View Setup and Configuration
From Setup, in the Quick Find box, enter Platform Encryption,
and then select Key Management.
The Key Inventory and Management page loads.
In the Key Management Table, select Data Cloud.
Click Generate Root Key. The Configure a Key Management Service box appears.
Choose Bring Your Own Root Key. Then click Next.
If you’re prompted to generate a certificate, enter a label, and then select
Generate Certificate.
If successful, you can click Download Certificate and Token to download the
files you need to prepare your tenant secret.
Use the certificate to prepare your root key for upload.
In the Upload Tenant Secret section, attach both the encrypted key material and the
import_token.txt file associated with your certificate. Click
Upload.
The uploaded secret becomes the active root key for Data 360.
From here on, Data 360 uses your root key to secure the DEKs for all Data 360 data stores,
including Data 360's own vector-based search.
Did this article solve your issue?
Let us know so we can improve!
Loading
Salesforce Help | Article
Cookie Consent Manager
General Information
Required Cookies
Functional Cookies
Advertising Cookies
General Information
We use three kinds of cookies on our websites: required, functional, and advertising. You can choose whether functional and advertising cookies apply. Click on the different cookie categories to find out more about each category and to change the default settings.
Privacy Statement
Required Cookies
Always Active
Required cookies are necessary for basic website functionality. Some examples include: session cookies needed to transmit the website, authentication cookies, and security cookies.
Functional Cookies
Functional cookies enhance functions, performance, and services on the website. Some examples include: cookies used to analyze site traffic, cookies used for market research, and cookies used to display advertising that is not directed to a particular individual.
Advertising Cookies
Advertising cookies track activity across websites in order to understand a viewer’s interests, and direct them specific marketing. Some examples include: cookies used for remarketing, or interest-based advertising.
