There is a lot going on in the media about encryption of personal electronic devices and social communication channels, I am very glad to see that all large technology companies are coming out as proponents of encryption at rest and in transit. This is a very important aspect of information technology, as it provides a layer of security for the end users and increases the trust in services and devices that would otherwise not be possible.
As more and more services are offered on mobile devices and in the cloud, the amount of personal information stored in your pocket increases. This is a good thing, as it allows you to do more whenever you want to, and makes these devices, and therefore you, more productive. However, devices are lost and as a device is lost, that data -your data- is put in the hands of whoever finds that device. Encrypting the data so that the finder is unable to access it can therefore only be seen as a good thing.
However, encryption is more than just securing data. Digital information in its core is meant to be shared, and we want to do this in a safe way. Users want to be sure that the information they are sharing is transferred securely and that the recipient is who they think it is, without malicious intermediates listening in. Trusting the platform on which you share this information is very important, and this trust is based on a combination of encryption, identity management and reputation. It is the job of the service and platform providers to enable this trust between users and third parties. Simply put, I want to be protected against eavesdropping and against impersonations, and encryption lies at the core of the technologies that protect me.
This protection can only be given by implementing encryption techniques, for single users, corporations and governments alike. Unfortunately, implementing encryption in legacy and on-premise systems can be a frustrating and tedious endeavor, and adding extra security is always a trade off against adding extra features, a choice to easily made by some product owners. Additionally, adding security is something that hinders addition of new functionality and doesn’t usually add to the user friendliness of your solution.
Salesforce already provides a large range of data protection tools, that are active and configured for you from the start. Perhaps you or your company require a bit more security, or you are bound by industry or company regulations, or you want to be extra careful.
This is where Salesforce offers Shield Encryption, offering a stronger encryption than the standard database encryption provided by the Salesforce platform. This keeps your data even more secure, without sacrificing user friendliness.
In the past year Gen25 has implemented Shield Encryption for a number of clients, and with great success. Customers experience little to no impact of the added layer of security, while time needed for implementation is low. If you have any questions on the importance of encryption and data security, or if you want to know more about storing please contact us so we can engage in conversation.