Why Encrypt

Security and trust are major factors in every company’s evaluation of public cloud services. Salesforce customers choose which business functions to run on the Salesforce Platform, which applications they can build to extend those functions, and what data they must store to enable those functions.

The 2024 ITRC Data Breach Report counted 3,158 confirmed compromises worldwide in 2023. In addition, the report estimates over 1.3 billion victim notices sent in the same year. Compromises involving sensitive personal information remained the most common type of breach in 2024.

Customers increasingly use the Salesforce Platform to build applications that require personally identifiable information (PII) and other sensitive, confidential, or proprietary data. Standard features such as authentication and single sign-on, granular access controls, and activity monitoring give most customers enough control over when and how they protect their data. But when sensitive data is stored on the Salesforce Platform, some customers want additional layers of protection on top of our standard security measures.

• Balance Data Security with Business Needs
  Choosing to store PII, sensitive, confidential, or proprietary data with any third party often prompts customers to more closely investigate external regulatory and internal data compliance policies. Internal policies frequently rely on interpretation of external regulations.
• Salesforce Encryption Principles
  To balance security demands with customers’ functional requirements, Salesforce defined a set of principles that drove our solution design and architecture decisions. We focused on the problems that we wanted to solve, clearly defined the boundaries of our solution, and identified the implications and tradeoffs of the design.