Embed Size (px)
Citation preview
Platform Encryption for ISVs Partner Webinar 23-Feb 2016
Assaf Ben-Gur - Platform Encryption PM Platform Encryption TE Expert Team: Daniel Jallais Marco Kuster Warren Chen
Safe Harbor
Safe harbor statement under the Private Securities Litigation Reform Act of 1995:
This presentation may contain forward-looking statements that involve risks, uncertainties, and assumptions. If any such uncertainties materialize or if any of the assumptions proves incorrect, the results of salesforce.com, inc. could differ materially from the results expressed or implied by the forward-looking statements we make. All statements other than statements of historical fact could be deemed forward-looking, including any projections of product or service availability, subscriber growth, earnings, revenues, or other financial items and any statements regarding strategies or plans of management for future operations, statements of belief, any statements concerning new, planned, or upgraded services or technology developments and customer contracts or use of our services.
The risks and uncertainties referred to above include – but are not limited to – risks associated with developing and delivering new functionality for our service, new products and services, our new business model, our past operating losses, possible fluctuations in our operating results and rate of growth, interruptions or delays in our Web hosting, breach of our security measures, the outcome of any litigation, risks associated with completed and any possible mergers and acquisitions, the immature market in which we operate, our relatively limited operating history, our ability to expand, retain, and motivate our employees and manage our growth, new releases of our service and successful customer deployment, our limited history reselling non-salesforce.com products, and utilization and selling to larger enterprise customers. Further information on potential factors that could affect the financial results of salesforce.com, inc. is included in our annual report on Form 10-K for the most recent fiscal year and in our quarterly report on Form 10-Q for the most recent fiscal quarter. These documents and others containing important disclosures are available on the SEC Filings section of the Investor Information section of our Web site.
Any unreleased services or features referenced in this or other presentations, press releases or public statements are not currently available and may not be delivered on time or at all. Customers who purchase our services should make the purchase decisions based upon features that are currently available. Salesforce.com, inc. assumes no obligation and does not intend to update these forward-looking statements.
Agenda
- Introduction / Warren
- What is Platform Encryption / Assaf
- Roadmap / Assaf
- Ensuring ISV Encryption Readiness / Daniel
- Demo, how to set PE on an org and potential errors with packages / Marco
- Next Steps / Daniel
- Q&A
Introduction Why this presentation?
Introduction
Platform Encryption - One of our most successful products, ever: In use today by many of our largest brands - Customers can encrypt many Standard fields, incl. within Communities (Spring ‘16)
- Support for Managed Package fields coming in Summer ‘16
Impact for ISVs: - Platform Encryption breaks some core functionality, including some likely used by ISVs - Not supporting PE can result in lost business if customer decides to not use the ISV app
Actions from ISVs: - Test their app with Platform Encryption; understand if changes are required - Decide if they want to invest in supporting PE or not, being aware of business risks - Adapt their packages, if necessary
What is Platform Encryption? At first a Customer decision
Salesforce Shield
What is Platform Encryption?
The App Cloud platform features and supporting infrastructure that enable customers to easily and securely encrypt data at rest in Salesforce while preserving critical business functionality.
Architecture Overview
Encrypted Fields Encrypted Files
AES 256
DATA
Database File Storage FFX
Database File Storage FFX
Database File Storage FFX
Database File Storage FFX
Key Derivation Server
Embedded HSM
Key Derivation Server
Embedded HSM
Key Derivation Server
Embedded HSM
Key Derivation Server
Embedded HSM
Key Capabilities
Turn encryption on custom field types, declaratively or via the MDAPI
While data is strongly encrypted at rest, field length is not affected
Manage organization encryption keys declaratively via the Setup UI or API, including Generate, Rotate,
Export, re-Import and Destroy Keys
Text Text Area Text Area (Long) Email Phone URL
Turn encryption on standard fields, declaratively or via the MDAPI
Search encrypted data via Global Search, S1 and SOSL
Files and Attachments can be encrypted while at rest in just one-click
Platform Encryption Use Cases
Facilitates ● Regulatory Compliance ● Unauthorized Access to Database ● Contractual Obligations ● PII & Data privacy
Does NOT replace ● Sharing Model ● Object/Field Level Security ● Data Residency Solution ● Encryption for Non-Salesforce Data ● Protection against Social Engineering
Proper Encryption Impacts Functionality
Not possible to reference encrypted fields: ● In SOQL WHERE clause ● In SOQL ORDER BY clause ● In SOQL GROUP BY clause
Feature limited with encrypted fields: ● Filtering in reports & list views (works in WF rules)
Key ISV impacts for referring encrypted fields using these unsupported functions
1. Package install/upgrade will fail 2. Field encryption will fail if a package reference that field using unsupported functions
Workarounds are published
● In Formula fields (roadmap)
● As External lD or Unique
● Sharing Rules [Filtering]
Roadmap
Summer ’16 (~Jun ‘16)
Allow encryption on Managed custom fields, Subscriber control (540+ points)
Winter ’17 (DF ’16 / Oct ‘16)
Policy-driven encryption: - Blacklisting Manage Custom fields by default - Blacklisting/Whitelisting custom and/or standard fields, Developer Control
Planned ISV Features (Forward-Looking Statement)
Summer ’15 (Jun ‘15)
DF ’16 Highlight
Spring ’16 (~ Feb ‘16)
Execute Describe calls querying encrypted fields in non-Platform Encryption orgs (Field.Encrypted? Right, Left otherwise)
Platform Encryption GA API Accessible Encryption/Decryption is transparent, tied to FLS And many more just works seamlessly..
Planned Key Features (Forward-Looking Statement)
71% of Customers Installed 1+ App Pre-integrated apps help customers move faster
25% of customers installed 3+ apps
Over 2,700 apps
3.5 Million installs
Ensuring ISV Encryption Readiness
What’s in it for me? Why should we invest in being encryption-ready?
The world is changing Encryption at rest becomes a requirement.
Likely to become a standard like SSL/TLS is today.
Be encryption-ready - to position your app ahead of the industry, - to reveal new opportunities, - to get a major key differentiator
Big customers. Big Money.
What to do?
Measure functional impact if a given field is encrypted and ...
Used in... Replace by... Check...
Report/Listviews with Filter/Sorting
VF pages No report
Usability impact Customer’s Value
SOQL Where Clause/Filters SOSL search App efficiency
SOQL Order by/Sorting Apex code ordering/sorting App efficiency
Filtering in sharing rules Apex sharing rule
Formula (roadmap) Workflow field update Apex code
Schema impact Schema impact + Customisability
Dynamic SOQL N/A Runtime Execution
Managed Custom Field N/A Summer’16 [safe harbor]
Org with PE
Install package
Load data
Successful Installation?
Test application
Dynamic SOQL?
Identify and change if needed
Encrypt ALL std fields & files
Update package
Field meaningful to encrypt?
Un-encrypt field*
Still errors ?
Correct or Un-encrypt field* Update Your Listing
next error all errors managed
yes no
yes no
yes no
yes no
How to test an application? (by the ISV)
Start
End
for every error
*Un-encrypt field: worst case scenario where ISV decides to NOT support this field being encrypted, so will limit / reduce capabilities to customers.
Delivering Platform Encryption support to your customer
1 package fits all - Allow any customers to encrypt ● Update your package
• Implement workarounds • Use of Dynamic SOQL combined with Describe isEncrypted Field
● Update your customers
“Platform Encryption Ready” applications
What is it?
- A new filter in the appexchange for DF’16 (Safe Harbor) - ISV partner sentence “Tested for Platform Encryption” under the
App Description and/or under Other Requirements
Who is responsible?
- Under the ISV Partner responsibility
What about Security Review team? - ISV Partner to document usage of Dynamic SOQL in the context
of Platform Encryption to facilitate SR team audit.
- Apex code to check if current user has ‘View Encrypted Data’ enabled similar to CRUD/FLS
- Checkmarx Scanner not able to identify Platform encryption error
ISV Impact Positive revenue impacts
Salesforce Shield is made of 3 components that you can sell individually or all bundled together.
● Platform Encryption
● Event Monitoring
● Field Audit Trail
*All Pricing are based on PNR
Revenue and Direct Sales RISKS ⇒ Customer can decide to NOT buy or uninstall if Platform Encryption is not supported by your App. ⇒ Ensure Direct Sales will think “Platform Encryption is fully supported by any ISV Solution”
Demo how to set PE on an org and potential errors with packages
Next Steps
Next steps Check your application(s) against Platform Encryption
Now
Decide to leverage Platform Encryption Start thinking about encrypting your package’s fields.
Platform Encryption page on partner community Available after the webinar Will contain all information, FAQ, code examples,etc.
Partner community Chatter group: Platform Encryption for ISVs To ask questions https://partners.salesforce.com/_ui/core/chatter/groups/GroupProfilePage?g=0F930000000PbFT
Additional resources
• Intro (5min)
• Platform Encryption Terminology
• Implementation Guide
• Whitepaper (Platform Encryption Architecture)
• Killer Animated Video (10min)
• DF15: Demystifying Key Management (35min)
• DF15: PE for Devs and Admins (1hr)
• Best Practices
Additional Resources • Considerations
• Classic Encryption vs. Platform Encryption
• Platform Encryption and Sandboxes
• Conga + PE = Like!
• DocuSign + PE = Like!
• LinkPoint360 + PE = Like!
• CloudLock + PE = Like!
So…
Is your App encryption-ready yet?
thank y u
Enable full Platform Encryption
Start from a new Dev org (https://developer.salesforce.com/signup ) Or open a ticket to get it enable on pre-existing Org
To turn on encryption: 1. https://developer.salesforce.com/signup to get a new org.
2. Grant Manage Encryption Keys to the Encryption Admin (spring’16): Permission Set or Profile 3. Go to Setup and search for ‘Encrypt’ 4. Click on Platform Encryption 5. Click on Generate Tenant Secret button 6. Click on Encrypted Fields 7. Click on Edit 8. Select all possible fields and Save 9. Click on Back to Platform Encryption 10. Enable Files and Attachments encryption 11. Click on Save to save your choice 12. Update existing data or upload new data so that the crypto service will kick in and encrypt it 13. Grant View Encryption Data to users
Failure Screen during installation of a managed package
Failure Screen during run-time of a managed package
Building/Updating Apps with Platform Encryption
workarounds: https://developer.salesforce.com/events/webinars/platform_encryption * Formula fields on the long term roadmap
Instead of … SOQL Where Clauses/Filters SOQL Order By/Sorting/Group By Formula Fields* Sharing Rules (filtering)
Use this Feature … SOSL Search + Find Sort in Apex Workflow/Apex trigger Apex + Apex sharing rules
Encryptable standard fields In Spring’16
On the Account object: Account Name, Fax, Website, Phone
On the Contact object: Description, Email, Fax, Home Phone, Mailing Address (Encrypts only Mailing Street and Mailing City), Mobile, Name (Encrypts First Name, Middle Name, and Last Name), Other Phone, Phone
On the Case object: Subject, Description
On Case Comments: Body
