Planning for Data Integrity
|Knowledge Article Number||000231130|
Salesforce is committed to achieving and maintaining the trust of our customers. Integral to this mission is providing a robust security and privacy program that considers data protection matters across our services and the data submitted by customers to our services (“Customer Data”). We build data protection capabilities into our services, Force.com, Site.com, Database.com, Sales Cloud, Service Cloud, Communities, and Chatter, in order to provide for the integrity and consistency of our customers’ data. Our internal architecture and processes provide for multiple copies of our customers’ data, which reside in primary and secondary data centers that utilize industry-standard, vendor-supplied data replication technology.
Providing remote replication of data also provides Salesforce the ability to recover more rapidly in the event of an incident, and allows for rapid and reliable migration of instances from one location to another for capacity planning purposes.
What is Salesforce’s process for replicating data?
Salesforce replicates customer data (up to the last committed transaction) from the primary to the secondary data center in near real-time. Replication of the data is transmitted over an encrypted network (our 10 Gigabit WAVE network with inline high speed ethernet encryptors).
In addition, backups are performed daily at each data center facility and copies are retained for 90 days (30 days for sandbox instances). Our standard processes are designed so deleted or modified data cannot be recovered after 90 days (30 days for sandbox instances). Backup media never leaves our secure data center facilities unless they are to be retired and destroyed through a secure destruction process.
How does Salesforce maintain data integrity during data migration maintenance activities?
As one of the last steps of a data migration, prior to enabling write-access to the instances in the new location, a verification of migrated data from the point write-access was suspended in the original location is completed. The verification includes a byte-check and all checks must be validated successfully prior to enabling write-access in the new location.
Integrity checks are successfully completed prior to migrating customers over to the new instance. If a customer has been notified that a migration was successful, then the checks have completed successfully.
What are additional methods I can implement to backup my data?
Salesforce recommends customers follow industry best practices for data backup.