Customers today expect the same kind of on-demand, context-aware experience from their bank as they do from Uber. The cloud is the key that opens the way for companies to move fast and deliver that experience. More than ever, financial services CIOs face the decision to continue to hold their data in silos or seize opportunities in the cloud for better service, stronger loyalty programs, and real-time contextual experiences — across mobile, social, and millions of connected devices.
But for some, trusting the security of the cloud is still a leap of faith. It’s a case of “out of sight, out of mind.” The system you can touch, the servers in your own office, are somehow more reliable than those off somewhere in the cloud.
App Cloud’s new ebook, “Salesforce Shield for Financial Services,” debunks some of the myths about the cloud while suggesting ways to improve the security of your platform.
Salesforce Shield is a set of additional security services built on top of our platform for companies that have more complex compliance and governance requirements. It includes three essential services that help manage the entire lifecycle for cloud data governance and compliance: Event Monitoring, Platform Encryption, and Field Audit Trail. These are the foundation of Shield.
Event Monitoring: Use intelligence to detect and prevent data misuse.
• User activity tracking
• Real-time alerts
• Preventative actions
With Event Monitoring, customers can get visibility into detailed usage data across all apps built on Salesforce. It allows customers to not only see who is accessing critical business data when, and from where, but also analyze usage patterns and take steps to implement security policies that alert or block actions in real time.
Platform Encryption: Implement controls to limit access to data.
• At rest encryption of sensitive data
• Encryption key management
While Salesforce encrypts all data in transit between our cloud and the end user, some regulations or internal policies may require additional levels of protection for sensitive data such as PII while it is at rest. With Platform Encryption, customers can encrypt data and files at rest with a button click while retaining important app functionality such as search, workflow, and validation rules.
Field Audit Trail: Retain data to ensure integrity and audibility.
• Up to 10-year retention and archival policies
• Query-based retrieval of field history
The financial services industry has a number of regulations requiring proper retention of changes to the customer’s financial data for a set period of time. Field Audit Trail helps create a forensic data-level audit trail with up to 10 years of history. Companies can define data retention policies so data is deleted on a timeline they set. This helps automate managing the lifecycle for different categories of regulated data.
Our financial services customers have been expanding their use of Salesforce from sales to marketing, service, and operations. As a result, more of customers’ sensitive data is stored in our cloud than ever before.
So the question is not whether cloud is secure, but rather how you can better govern and manage access to that data. Salesforce Shield provides the essential security services financial firms need to move more of their business processes and data into the cloud. From analyzing usage to devising better policies and fortifying protection for sensitive data, Shield allows companies in regulated industries to focus on innovating and responding to their customers more quickly than ever before.
Read on for more insight into building security into your financial services.