Introducing: Salesforce Shield The fastest way to build trusted apps

 

Safe harbor statement under the Private Securities Litigation Reform Act of 1995:

This presentation may contain forward-looking statements that involve risks, uncertainties, and assumptions. If any such uncertainties materialize or if any of the assumptions proves incorrect, the results of salesforce.com, inc. could differ materially from the results expressed or implied by the forward-looking statements we make. All statements other than statements of historical fact could be deemed forward-looking, including any projections of product or service availability, subscriber growth, earnings, revenues, or other financial items and any statements regarding strategies or plans of management for future operations, statements of belief, any statements concerning new, planned, or upgraded services or technology developments and customer contracts or use of our services.

The risks and uncertainties referred to above include – but are not limited to – risks associated with developing and delivering new functionality for our service, new products and services, our new business model, our past operating losses, possible fluctuations in our operating results and rate of growth, interruptions or delays in our Web hosting, breach of our security measures, the outcome of any litigation, risks associated with completed and any possible mergers and acquisitions, the immature market in which we operate, our relatively limited operating history, our ability to expand, retain, and motivate our employees and manage our growth, new releases of our service and successful customer deployment, our limited history reselling non-salesforce.com products, and utilization and selling to larger enterprise customers. Further information on potential factors that could affect the financial results of salesforce.com, inc. is included in our annual report on Form 10-K for the most recent fiscal year and in our quarterly report on Form 10-Q for the most recent fiscal quarter. These documents and others containing important disclosures are available on the SEC Filings section of the Investor Information section of our Web site.

Any unreleased services or features referenced in this or other presentations, press releases or public statements are not currently available and may not be delivered on time or at all. Customers who purchase our services should make the purchase decisions based upon features that are currently available. Salesforce.com, inc. assumes no obligation and does not intend to update these forward-looking statements.

Safe Harbor

SNA

Terminal

Mainframe LAN / WAN

Client

Server

LAN / WAN

Client

Server

Cloud

Mobile

Social

Data Science

Thousands customer interactions

connected things Billions Trillions Millions

The app revolution is opening up a world of innovation for businesses

Apps are generating more customer data than ever before

Apps

Financial Data

Health Data

Location Data

90% of the world’s data created in the last 12 months

World’s Most Trusted Enterprise Cloud Trust is our #1 value

Five Elements of Trust

Transparency

Always on availability

Performance at scale

Global data centers

Enterprise compliance

Q1 Transactions 211B+

Customers 150k

Apps 2M+

Salesforce Trust Services

Infrastructure Services

Analytics Community Marketing Service Sales Apps

Network Services

Application Services

Secure Data Centers

Backup and Disaster Recovery

47 Major Releases

HTTPS Encryption

Penetration Testing

Advanced Threat Detection

Identity & Single Sign On

Two Factor Authentication

User Roles & Permissions

Field & Row Level Security

Secure Firewalls

Real-time replication

Password Policies

Third Party Certifications

IP Login Restrictions

Customer Audits

150,000+ customers 2,000,000+ apps

Sixteen years of innovation on the world’s most trusted cloud

Introducing: Salesforce Shield

Infrastructure Services

Network Services

Application Services

Secure Data Centers

Backup and Disaster Recovery

HTTPS Encryption

Penetration Testing

Advanced Threat Detection

Identity & Single Sign On

Two Factor Authentication

User Roles & Permissions

Field & Row Level Security

Secure Firewalls

Real-time replication

Password Policies

Third Party Certifications

IP Login Restrictions

Customer Audits

Salesforce Shield Platform Encryption

Event Monitoring

Field Audit Trail

New services to help you build trusted apps fast

 Monitor User Activity  Know who is accessing data from where

Optimize Performance  Troubleshoot application performance to improve end user experience

 Track Application Usage  Understand application usage to increase adoption

Gain Visibility Into User Actions with Event Monitoring

Retain Field History for Up to 10 Years with Field Audit Trail

 Establish Data Retention Policies  Know the state and value of data at any time Access Retained Data at Scale  Normalize on big data back-end for performance

 Comply with Industry Regulations  Secure data archive with the highest trust standards

Encrypt Sensitive Data While Preserving Business Functionality

 Seamlessly protect data at rest  Encrypt standard & custom fields, files & attachments   Natively integrated with key Salesforce features  E.g., Search, Chatter, Lookups work with encrypted data

 Customer managed keys  Customer-driven encryption key lifecycle management

Salesforce Shield New services to help you build trusted apps fast

Encrypt Audit Monitor

Platform Encryption Field Audit Trail Event Monitoring

Salesforce Shield The Event Monitoring Story

Auditing, Analytics and Actions at a Glance Audit Fields Login History Setup Audit Trail Field History

Tracking Field Audit Trail Event Monitoring

Purpose Track who created or last modified a record user and time

Track end-user logins and login attempts (e.g. failures)

Track Administrative changes in setup like escalation of privileges or creation of new fields

Track state changes at the field level Analysis: Track a variety of server interactions including report exports, page views, and document downloads

Action: Automate actionable security policies such as limiting data export or notifying on concurrent login sessions

Example Adam Torman modified the Acme account earlier today

Adam Torman logged in using Chrome v 42.0 on Mac OSX

Permission set Modify All Data assigned to user Adam Torman

Adam Torman changed the Case status from Open to Closed

Adam Torman clicked on Marc Benioff’s patient record and downloaded the customer list

Jari Salomaa was prevented from logging into his iPad until he removed a previous login session

Interface Record Detail UI and API

Setup UI and API Setup UI and API Setup / Related List UI and API API (CSV download) + Wave Integration

Setup UI

[Profile or Sharing] Permissions Required

*Read/Query requires sharing access to parent record

Manage User permission

*View Setup and Configuration permission

Configure requires Customize Application permission *Read/Query requires sharing access to parent record

*View Event Log Files permission AND * View Login Forensics

Author Apex AND Customize Application

Data Retention Policy

Life of the record / 18 Months depending on org inception date

6 months FIFO 6 months FIFO 20 fields for 18 months

60 fields for 10 years

Up to 30 days for Event Log Files and 10 years for Login Forensics

N/A

Pricing $0 $0 $0 $0

** $add-on $0 - Login/Logout Event Log Files for 1 day ** $add-on - 29 log files for 30 days + Login Forensics + Transaction Security

Online Docs

Audit Fields Login History Setup Audit Field History Field Audit Event Monitoring Transaction Security

What we are hearing from CISOs

 1. Visibility to user activity  Report on what users are doing and where policies are needed

 2. Generate security policies  Generate real-time actions such as notifications and proactive prevention

 3. Automate actions from policies  Fine-tune your application portfolio and business process

 4. Analyze, monitor results and audit  Fine-tune your security policies and provide audit trails for auditors

Two halves of the same solution

 Analytics

 Actions

Policy Generation

Event Capture

Historical Analytics

Real Time Actions

Cycle of Security Historical

Logs

User Segmentation

Real-time Analytics

Audit

Event Generation

Policy Deployment

Policy Design

Policy Customization

 Analytics  Actions

Policy Design

Policy Enforcement Data Capture and Management

Reporting and Audit

Analytics For Event Monitoring

 Support  Provide better, data-driven support for your end users

 Audit  Track your user’s activities

 Optimize  Fine-tune your application portfolio and business process

Actions For Event Monitoring

 Customizable Apex Policies  Framework auto-generated policies

 Define Real Time Actions  Notify, Block, Force 2FA, Session Chooser

 Enforce Session Constraints  Control the number of active user sessions

An Example Concurrent Log Sessions

Problem set: Concurrent Login Sessions ●  Users should not be logged in to

more than ‘n’ sessions ●  Limit the number of concurrent

sessions to reduce risk with malicious activities ○  FedRamp requirement

●  Security policy should understand who will be impacted and prompt the user to remove previous sessions that no longer apply

Policy Generation

Event Capture

Historical Analytics

Real Time Actions

Cycle of Security Historical

Logs

User Segmentation

Real-time Analytics

Audit

Event Generation

Policy Deployment

Policy Design

Policy Customization

 Analytics  Actions

Policy Design

Policy Enforcement Data Capture and Management

Reporting and Audit

Analyze current login behaviors using analytics

Track login trends and ask questions: ●  Who will be impacted if you create a policy based

on Profile, Role, User, etc…? ●  What integrations may break? ●  How are user’s logging in - S1 Mobile, Web

Browser, integrations?

Policy Generation

Event Capture

Historical Analytics

Real Time Actions

Cycle of Security

Historical Logs

User Segmentatio

n

Real-time Analytics

Audit

Event Generation

Policy Deployme

nt

Policy Design

Policy Customizatio

n

Determine criteria for policy

By Profile: ●  System Admin Profile >= 2

By Role: ●  East Coast Exec Role >=5

By User: ●  Adam Torman OR Jari Salomaa

>=1 By Time: ●  Saturday OR Sundays >=1

Policy Generation

Event Capture

Historical Analytics

Real Time Actions

Cycle of Security

Historical Logs

User Segmentatio

n

Real-time Analytics

Audit

Event Generation

Policy Deployme

nt

Policy Design

Policy Customizatio

n

Decide which actions to take Policy Generation

Event Capture

Historical Analytics

Real Time Actions

Cycle of Security

Historical Logs

User Segmentatio

n

Real-time Analytics

Audit

Event Generation

Policy Deployme

nt

Policy Design

Policy Customizatio

n

Determine actions to take: ●  None ●  Block ●  2FA ●  Session Chooser

Customize Apex policy and add criteria

Customize the policy ●  Apply custom criteria such as

Profiles, Roles, Users, etc… ●  Work closely with your developers to

customize it for your design

Policy Generation

Event Capture

Historical Analytics

Real Time Actions

Cycle of Security

Historical Logs

User Segmentatio

n

Real-time Analytics

Audit

Event Generation

Policy Deployme

nt

Policy Design

Policy Customizatio

n

Deploy policy

Deployment is as easy as selecting a checkbox on the policy

Policy Generation

Event Capture

Historical Analytics

Real Time Actions

Cycle of Security

Historical Logs

User Segmentatio

n

Real-time Analytics

Audit

Event Generation

Policy Deployme

nt

Policy Design

Policy Customizatio

n

Real-time action policy enforcement

In real-time, users will be forced to take an action based on the criteria you created

Policy Generation

Event Capture

Historical Analytics

Real Time Actions

Cycle of Security

Historical Logs

User Segmentatio

n

Real-time Analytics

Audit

Event Generation

Policy Deployme

nt

Policy Design

Policy Customizatio

n

Analyze policy enforcement and Audit

Track how many 2FA or session chooser screens were selected.

Policy Generation

Event Capture

Historical Analytics

Real Time Actions

Cycle of Security

Historical Logs

User Segmentatio

n

Real-time Analytics

Audit

Event Generation

Policy Deployme

nt

Policy Design

Policy Customizatio

n

Salesforce Platform Encryption Strongly encrypt data at rest while preserving critical business functionality

 Encrypt data at rest when it is stored on the App Cloud

 Encrypt Standard & Custom Fields, Files, & Attachments

 Customers manage their encryption keys on the App Cloud platform

What Problems We Solve

Why It’s Unique Salesforce Platform Encryption

Quickly and seamlessly protect sensitive data

Setup takes minutes – no extra hardware or software

Makes the App Cloud ‘encryption aware’

Salesforce1 Mobile-ready, natively

Salesforce Platform Encryption

 Encryption Services  Standards based encryption built natively into the App Cloud Platform  AES encryption using 256bit keys  Layers seamlessly with other App Cloud security features

 Key Management  Customer driven key lifecycle management

 Uses secure derived keys that are never persisted in the App Cloud  Hardware Security Module based key management infrastructure  FIPS 140-2 compliant

 Policy Management  Customer control over policy configuration

 Select fields, files, and attachments to be encrypted  Encryption controlled with metadata to take complexity out of deployments

 App Cloud Integration  Preserve important functionality like search and business rules  Built-in capabilities to iteratively add additional feature support

 Features and Functionality Overview

Architecture Overview

Encrypted Fields Encrypted Files

AES 256

DATA

Database File Storage FFX

Database File Storage FFX

Database File Storage FFX

Database File Storage FFX

Key Derivation Server

Embedded HSM

Key Derivation Server

Embedded HSM

Key Derivation Server

Embedded HSM

Key Derivation Server

Embedded HSM

 Keys and Secrets  Master Secret Master Wrapping Key

 Master Salt Tenant Wrapping Key

Keys and Secrets Key Derivation Server RSA Key Pair

Hardware Security Modules  Key Management Components

Master HSM Key Derivation Server

Embedded HSM

 Functions

 Generates Per-Release Secrets and Keys

 Encrypts Secrets and Keys for Secure Distribution

 Air-gapped from Production Network

Functions

Unwraps Per-Release Secrets and Keys

Generates and Encrypts Tenant Secret

Performs Key Derivation

 Generated once per release by Salesforce Security Officer using air-gapped Master HSM  Encrypted with the Master Wrapping Key and stored in Key Derivation Servers  Decryptable only by Key Derivation Server’s Private Key and the Master Wrapping Key

 Org-specific secret generated, managed, and rotated by customers  Manage via Setup or SOAP API  Encrypted using the per-release Tenant Wrapping Key and stored in the database  Decryptable only by Key Derivation Server’s Private Key and Tenant Wrapping Key

 Created by Key Derivation Servers via Password Based Key Derivation Function  Decrypts and combines Master and Tenant Secrets and Master Salt as input to PBKDF2 function  Output of KDF is an Org-specific Data Encryption Key used to encrypt customer field values and files  Derived keys are cached on the App Cloud platform

Master Secret / Master Salt Tenant Secret Data Encryption Key

Key Derivation  Creating Org-specific Data Encryption Keys

Deriving Data Encryption Keys Standards Based Key Derivation Function: PBDKF2 HMAC with SHA256 Runs 15,000 Iterations Outputs 256 bit length Data Encryption Key

Tenant Secret 1

Password Based Key Derivation Function

Data Encryption Key 1

Data Encryption Key 1

Cache

Master Secret Summer

‘15

Summer ‘15

Master Salt

Key Derivation Server

Embedded HSM

Key Derivation Server

Embedded HSM

Key Derivation Server

Embedded HSM

Key Derivation Server

Embedded HSM

Customer Driven Key Lifecycle Derived Encryption Keys Are Never Persisted Create, Manage, and Rotate Keys Declarative & API Based Key Management Import and Export Tenant Secrets on Demand

Field Encryption Policies Customer Driven Encryption Policies Declarative or API Policy Configuration Supports Both Standard and Custom Fields Natively Integrated with the App Cloud Features

Standard Field Encryption and Search

  Standard Field Encryption •  Account Name •  Contact First/Middle/Last Name •  Email •  Phone •  Home/Other Phone •  Mobile •  Fax •  Mailing Street & City •  Person Account fields •  Case Subject, Description •  Case Comments’ Body

Search Fields and Files (via Desktop, Salesforce1 Mobile and SOSL)

Custom Field Encryption

Custom Field Types •  Email •  Phone •  Text •  Text Area •  Text Area (Long) •  URL

Enable with Metadata Encrypt Existing Fields

Chatter Files and Attachments Encryption

Encrypt Content of Chatter Files Preview Encrypted Files File Content Search Encrypt Attachments

Thank you