Salesforce Shield is a group of three products –

  • Event Monitoring
  • Field Audit Trail
  • Platform Encryption

These three products provide security controls in your Salesforce instance in addition to the strong security which is already built in Salesforce environment.

Salesforce Shield is an extra cost product and you have to explicitly request Salesforce to enable it for your Salesforce Org.

Here are some resources to help you get started.

1. Event Monitoring

Event Monitoring provides continuous monitoring, plus real time alerts for your Salesforce Org.

 eventmonitoring

When Salesforce Event Monitoring is enabled in your Salesforce Org, data about what’s happening in your Org starts getting collected. This data is made available to you to download in the form of CSV files every 24 hours. Each file will be available to you for the next 30 days. You would need to set up an ETL job to import this data regularly in a database and create reports using a BI tool to visualize the information.

In addition, Event Monitoring also provides the ability to set up real-time alerts for specific events in your Salesforce instance. This is called Transaction Security. You would need to set up policies to customize Transaction Security real-time alerts for your Salesforce Org.

Salesforce has also created a visualization tool called Event Monitoring Wave App which gives you pre-built dashboards based on the data collected by Event Monitoring in your Salesforce Org.

 admin_analytics

Many Salesforce partner ISVs have built extensive dashboards and enhanced alerting tools using the Salesforce Event Monitoring. Cloudlock, Splunk and FairWarning are examples of some of these tools.

Create your Own Reports & Dashboards using Event Monitoring Data in Logs

Event Monitoring using Partner Apps

  • Cloudlock for Salesforce: https://appexchange.salesforce.com/listingDetail?listingId=a0N3000000B5MXaEAN
  • Splunk: https://splunkbase.splunk.com/app/1931/
  • FairWarning: https://appexchange.salesforce.com/listingDetail?listingId=a0N3000000B5YHjEAN
  • Event Monitoring using Pre-Built Analytics dashboards from Salesforce

    Please note that Salesforce Event Monitoring Wave App was previously known as Admin Analytics.

  • Salesforce Event Monitoring Wave App Implementation Guide: https://drive.google.com/file/d/0B-f2QYCAT1DFZDFhaHJ6Tk4xWEk/view?usp=sharing
  • Watch this video ( https://www.youtube.com/watch?v=UydKm0QIiiE) to get an introduction to Salesforce Event Monitoring Wave App. The Salesforce Event Monitoring Wave App (Admin Analytics) section starts at 3:30
  • Transaction Security – Real-time Events, Alerts, Actions, Notifications

  • Real Time Actions using Transaction Security Policies:  https://help.salesforce.com/HTViewHelpDoc?id=security_transactions_about.htm
  • Example Transaction Security Policies – these examples are based on the most common requirements we see from customers:  https://developer.salesforce.com/docs/atlas.en-us.200.0.apexcode.meta/apexcode/apex_interface_TxnSecurity_PolicyCondition.htm
  • 2. Salesforce Platform Encryption

     encryption
    Salesforce Platform Encryption allows you to encrypt sensitive data at rest in your Salesforce Org. You can also encrypt files and attachments.

    3. Field Audit Trail

    Field Audit Trail allows you to preserve the past values of specific fields in a record.
     fat

    Get Started with Field Audit Trail

    Field Audit Trail vs Field History Tracking

    All Salesforce.com editions come with Field History Tracking out of the box, with up to 20 fields per object selected for tracking changes. Tracked changes may be displayed in a related History list and are stored in a related object, object__history, for up to 18 months.

    Field Audit Trail gives you the ability to track 3x more fields in a Force.com production org and control how long those field history records are retained in the org before being archived to longer-term storage:

    • Maximum time to retain field history records in production org is 18 months
    • Overall maximum time to retain a field history record is 10 years
    • Up to 60 fields per object may be selected for tracking changes

    Summary

    Salesforce Shield is a group of three products –

    • Event Monitoring
    • Field Audit Trail
    • Platform Encryption

    These Salesforce Shield products allow you to build very strong security for the sensitive data in your Salesforce Org.

    Here are some additional resources for you:

  • Introducing Salesforce Shield:  https://www.salesforce.com/blog/2015/07/introducing-salesforce-shield.html
  • Salesforce Shield Demo:  https://www.youtube.com/watch?v=dCt2Tzsum2Y
  • Salesforce Shield Datasheet:  https://www.salesforce.com/form/pdf/app-cloud-shield-datasheet.jsp
  • Gartner CASB:  https://www.cloudlock.com/blog/the-rise-of-the-api-casb/