Print this page

Salesforce for Outlook security overview

Knowledge Article Number 000006338
Description This article will touch on key security aspects on Salesforce for Outlook

- Salesforce for Outlook resides as a .Net Client on a user's local machine and interacts with Salesforce using SSL 128 bit encryption Port 443 is used

- API calls use SSL 256 bit SSL encryption.

- User Authentication is Oauth 2.0 authentication see Oauth and also OAuth 2.0 User-Agent Flow​

- The Oauth token is encrypted on the local machine using MS DPAPI

- Other sync data resides on the local machine in an SQLite database

- Synced data is controlled within the Salesforce application by the configuration of specific Data Sets managed by Salesforce Administrators.

- The permission for users to be able sync and data sets constraints are controlled by an Administrator within Salesforce

- TLS 1.1 and higher.
The Prepare Your Users to Continue Using Salesforce for Outlook After TLS 1.0 Is Disabled and Salesforce disabling TLS 1.0 knowledge articles for more information 

promote demote