877.703.4488 info@cloudmybiz.com
Tip of the Week – Data Privacy in Salesforce Becoming More Important Than Ever!

Tip of the Week – Data Privacy in Salesforce Becoming More Important Than Ever!

There is quite a bit of excitement in the blogosphere and Salesforce communities around the upcoming Spring ‘18 release. After all, it’s a big release and what’s not to be excited about? There are all sorts of improvements, features and customizations coming to your Salesforce org. However, some of the less sexy but still critical changes revolve around GDPR (General Data Protection Regulation) and what Salesforce is doing to enable compliance.

What is GDPR?

If your business is in, or has significant dealings in the European Union, you almost certainly know about GDPR already.  However, for the uninitiated (or for those whom the 2015 GDPR announcement feels like an eternity ago and need a refresher) GDPR is a new privacy regulation in the EU, set to take effect on May 25, 2018, aimed at giving individuals more control over how their data is collected, used and stored. Up till now, there has been no unifying law that governs data privacy in the EU.

Who GDPR Affects?

Any organization that processes personal data of EU individuals, including tracking their online activities, is within the scope of the GDPR law, regardless of whether the organization has a physical presence in the EU. So if you contract with any individuals or businesses in Europe, you will be legally bound to comply.

What Are the Main Points of GDPR?

  • Expanded definitions of “Personal Data”
  • Requires that consent of personal data be ‘freely given, specific, informed, and unambiguous’
  • Any data collected must be used for limited and specifically stated purposes
  • Data must be used as minimally as possible
  • Data must be accurate, kept up to date, and deleted if no longer necessary
  • Everything collected must be kept safe and secure
  • Organizations need a “Data Controller”, who is a designated user to maintain data and be able to demonstrate compliance with the GDPR
  • Individuals have the “Right to Access and the Right to Erasure”. Meaning that they can request to see the entirety of what Data you have of theirs, and they can ask to have all of it completely erased if desired

What Do I Do to Remain Compliant?

There are quite a few steps for each company, based on their individual data practices, but the  best general advice is to be extremely transparent and careful with how you collect, use and store data. The good news for Salesforce users is that the platform is working hard to make it easy for you to remain compliant.

Take a look here for a great overview and recommendations for first steps. If you need to go one step further and really gear up for the change, Salesforce Shield may be just what you need!

-Ryan and the CMB Team

Tip of the Week – Transaction Security Policies for Salesforce help empower security experts and admins alike

Tip of the Week – Transaction Security Policies for Salesforce help empower security experts and admins alike

Nowadays, it feels like there’s a new story in the news about a major security breach or attack by hackers every day. Salesforce is notably absent from these stories, despite its popularity and pervasiveness in the business world, thanks to the strong security and controls baked into the core product. With very little effort, admins and security teams can limit logins to specific IP ranges at specific times for specific users, lock down sensitive data, enforce strong passwords which must be regularly changed, and much more. But the team at Salesforce knows that the threat of cyber-attack and misuse of data is ever-growing, and, in Spring ’16, released Transaction Security Policies to give admins and security experts even more control over the security of their Salesforce environments.

Transaction Security Policies are a new Salesforce Shield tool designed to monitor behavior in your Salesforce org in real time and take appropriate action should suspicious activity be detected. If a user tries to login from outside the country, they can be routed through a two-step verification process to prove it’s actually them. If someone tries to export thousands of Accounts without permission, the export can be blocked. If someone attempts to login from two places at once, their sessions can be immediately terminated. This cool new tool requires an add-on to Salesforce, so if this sounds right up your alley, check out Salesforce’s blog post, the release notes, and call your Salesforce AE today!

-Jared and the Salesforce Guys

Tip of the Week – Salesforce Shield brings new control and insight to the platform

Tip of the Week – Salesforce Shield brings new control and insight to the platform

Salesforce Shield

Salesforce is a powerful platform with nearly limitless possibilities. Drag and drop features and easy to use wizards bring tools to the everyday user with “clicks, not code”, while the Force.com platform empowers experienced developers to reach for the clouds and beyond. But highly regulated industries dealing in sensitive data have special needs to meet compliance, and enterprise level businesses have enhanced tracking requirements to ensure the tools they build are being used to their fullest potential, leaving many businesses searching for outdated systems or scraping by on the status quo of their old proprietary database. Salesforce Shield aims to shift that paradigm.

Salesforce Shield brings new control and insight to the platform. This recently announced native Salesforce feature offers enhanced event monitoring, field auditing, and platform encryption to bring your org to the next level. Event monitoring allows deeper insights into daily application usage, the new Field Audit Trail expands field history tracking to 60 fields per object and 10 years of auditing, and platform encryption gives tighter control over sensitive data while allowing access to crucial business automation tools. Read more about Salesforce Shield here and let us know what features are most exciting to you!

-Jared and the Salesforce Guys