Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
Search
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cloud
    • Cloud

    Salesforce Enhances Shield Security With BYOK for Regulated Industries

    By
    David Needle
    -
    July 12, 2016
    Share
    Facebook
    Twitter
    Linkedin
      Salesforce Encryption 2

      Cloud computing services for consumer and business have grown immensely, but there are still concerns about security, particularly in highly regulated industries such as health care and finance.

      These industries also are bound by strict compliance regulations that can limit how practical it is to adopt so-called off-premise, cloud computing alternatives.

      Salesforce.com aims to address these concerns with an update to Salesforce Shield that allows companies to use their own encryption key system to secure their data. Typically, encryption providers maintain their own encryption keys or offer a more cumbersome file vault system.

      The new capabilities, described as Bring Your Own Key (BYOK), are being tested as part of a pilot that involves customers and third-party key providers. A finished version is expected to be released later this year.

      “Ultimately what it is doing is giving the customer more control and offering compliance in a simple point-and-click manner to manage encryption,” Brian Goldfarb, senior vice president of app cloud marketing at Salesforce, told eWEEK. “Customers asked us for more control and now they’re in the driver’s seat.”

      Forrester security analyst John Kindervag predicts the new offering will be a welcome addition to current Salesforce customers and a selling point to potential customers concerned about the security of their data. “In 2013 we coined the term ‘bring your own encryption’ to deal with sensitive data in the cloud. It shouldn’t be the service provider; you should have control of your own key,” Kindervag told eWEEK.

      While highly regulated industries will be among the early adopters, Kindervag predicts the service eventually will roll out more broadly. “All companies are concerned about toxic data—in other words, data that becomes outside your control when there’s a data breach,” he said. “With services like this you can control who has access and you can mitigate when there’s a breach because it allows you to revoke the encryption keys so they’re not usable by anyone, ever.

      “I’d like to see a time where all data is encrypted and we can tell our grandkids tales of how we used to send unencrypted data over the internet and how foolish that was,” he added.

      Kindervag also contends BYOK will be welcomed by companies concerned about government agencies issuing warrants to cloud providers when they’re seeking data in a criminal investigation. In the BYOK scenario, anyone seeking that data has to deal directly with the companies that own the data, since they control the encryption key.

      One of the partners working with Salesforce on the new offering is enterprise data protection company Vormetric. The company is testing what it calls Key Management-as-a-Service (KMaaS) for Salesforce Shield Platform Encryption that it says will enable companies to natively encrypt data at rest across their Salesforce apps. The Vormetric offering also eliminates the need to deploy, maintain and assign resources to encryption key management.

      “Salesforce Shield Platform Encryption provides the robust encryption service, while Vormetric provides complementary capabilities to further address needs to meet compliance and best practices for managing of encryption key life cycles outside of Salesforce,” Vormetric vice president of cloud, C.J. Radford, said in a release, adding that enterprises can do this “without the need for enterprises to become cryptographic experts.”

      Goldfarb said hundreds of Salesforce customers are already testing the update and others are welcome to apply ahead of its commercial availability later this year.

      Salesforce Shield customers will have a variety of options for managing tenant secrets, including open-source crypto libraries such as OpenSSL to their existing HSM infrastructure and third-party services such as Amazon Web Services Key Management Service and AWS CloudHSM. In addition to Vormetric, Salesforce has partnered with another encryption key broker, SkyHigh Networks.

      Analyst Kindervag said he prefers Salesforce’s approach of using APIs to connect to third-party brokers than a broader industry approach based on encryption standards. “With APIs things can communicate without inhibiting innovation,” he said. “In the past it was standards that helped things talk to each other. But that approach also inhibits innovation when developers are forced to comply with those standards rather than create the best solution they can.”

      Avatar
      David Needle
      Based in Silicon Valley, veteran technology reporter David Needle covers mobile, bi g data, and social media among other topics. He was formerly News Editor at Infoworld, Editor of Computer Currents and TabTimes and West Coast Bureau Chief for both InformationWeek and Internet.com.

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      eWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      Zeus Kerravala - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      Wayne Rash - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Information

      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×