This article is on behalf of Lindsey Finch, Salesforce’s Executive Vice President and Data Protection Officer, and Bob Wise, Executive Vice President & General Manager of Hyperforce.
Today, we are proud to announce the latest step in our strategy to empower commercial and public sector customers with more control over where their data is stored and how it is secured from unwanted access: a new, open and interoperable collaboration with trusted technology partners to deliver External Encryption Key Management services.
Together with Hyperforce, our trusted cloud platform, and the Hyperforce EU Operating Zone, our strategy is focused on helping customers meet their business objectives while addressing regulatory requirements.
Today, we are proud to announce the latest step in our strategy to empower commercial and public sector customers with more control over where their data is stored and how it is secured from unwanted access: a new, open and interoperable collaboration with trusted technology partners to deliver External Encryption Key Management services.
Together with Hyperforce, our trusted cloud platform, and the Hyperforce EU Operating Zone, our strategy is focused on helping customers meet their business objectives while addressing regulatory requirements.
Hyperforce: Delivering data residency
We continue to expand the global footprint of Hyperforce, which enables Customer 360 applications to meet the data residency, scalability, security, privacy, and agility needs of our customers. In Europe, we launched Hyperforce in the United Kingdom this summer, adding to our Hyperforce locations in France and Germany. We plan to launch Hyperforce in Korea and Sweden this year, followed by Italy, Indonesia, United Arab Emirates, and Switzerland by the end of 2023.
Hyperforce EU Operating Zone: Keeping customer data in the EU with in-region support personnel
At Dreamforce last year, we announced the Hyperforce EU Operating Zone, a new way of combining our industry-leading products on Hyperforce with in-region customer and technical support. Our tailored operating zone, delivered through Hyperforce, is the result of deep listening with our customers, regulators, and other trusted partners, and is poised to transform our industry.
We plan to launch our operating zone offer in the European Union by the end of 2022, with the initial set of Customer 360 products including Sales Cloud, Service Cloud, Experience Cloud, CRM Analytics, and Platform, along with our Industries products, Financial Services Cloud and Health Cloud. We will be expanding the available product portfolio over time.
External Encryption Key Management: Enabling customers to enhance information security
Today’s announcement of our External Encryption Key Management collaboration will enable customers to choose a preferred encryption service provider and plug that service into their SaaS/PaaS/IaaS services, including the Salesforce platform, so they can more directly control encryption key management across their cloud services.
We are delighted to announce this new open and interoperable collaboration with a number of forward-looking and trusted technology partners including AWS, Atos, Entrust, HashiCorp, Thales and T-Systems. Our plug-and-play, open-source, and interoperable approach differs from existing proprietary solutions to the benefit of customers, regulators, and technology providers.
This new collaboration expands upon our commitment to empower customers to control where their data is stored and how it is accessed. In particular, it is designed to help address European regulator compliance recommendations for technical measures to protect and secure data including for government jurisdiction needs, by enabling customers to work with their choice of a trusted local encryption key technology provider that can prevent Salesforce’s ability to access their data.
Our trusted partners are key to this effort - each brings unique assets and capabilities:
“AWS is excited to help lead this new open collaboration with Salesforce and other leaders. Customers need different options for where to locate encryption keys and this public open-source encryption ecosystem helps expand those options.”
“With our long history in certified cryptography, we are excited to join this new industry collaboration with cloud leaders like Salesforce and look forward to bringing Atos' unique security and encryption solutions to our customers for the European data sovereignty they need.”
“We are delighted to work together with our partners and market leaders like Salesforce to provide world-class expertise and enable our clients to meet fast-changing legal and regulatory requirements across the global security landscape. With Data Protection as a Managed Service, T-Systems manages encryption keys according to European law and acts as a Cloud custodian for our customers.”
“Trust is the keystone of Thales's mission. We offer a full portfolio of External Encryption Key Management and Services and we are excited to be part of this new open-source collaboration with leaders like Salesforce.”
Commitment to Privacy
Our strategy is anchored in our long-standing commitment to privacy and offering the strongest measures available for enabling customers to control their data and how it is accessed.
Salesforce leads the industry in delivering the strongest privacy compliance commitments available:
- We take compliance with the EU General Data Protection Regulation (GDPR) seriously as demonstrated by our being a founding member of the EU Cloud Code of Conduct, a first-of-its-kind charter that empowers cloud service providers to demonstrate compliance with the GDPR, for which Salesforce has achieved recognition.
- We were the first enterprise software company to achieve approval for our Binding Corporate Rules (BCRs), which continue to reflect the highest data protection standards in the world and remain a valid data transfer mechanism.
- We adopted the latest set of Standard Contractual Clauses, published in 2021, with commitments that go beyond what’s legally required around government access requests and audits.
Built-in Trust
Encryption is another element of data protection increasingly demanded by customers and regulators. Salesforce offers a variety of industry-leading encryption services, including key management options, and our new key management collaboration will raise the bar.
Furthermore, Salesforce’s security architecture limits exposure of data to the users that act on it, protecting sensitive information from unauthorized access, human error or misconfiguration. Encryption, at rest and in transit, comes standard, ensuring the privacy and the security of data. We do not provide any government with our encryption keys or any other way to break our encryption. Trust and compliance information for each Salesforce service is available here.
Shaping the Future of SaaS, Together
We look forward to working with our customers, regulators and other stakeholders to answer together the needs emerging in the industry and paving the road to the future of SaaS so we all benefit from everything the cloud has to offer.
This new open collaboration will play a key role in shaping the industry’s path going forward. We invite those around the world who are interested in helping shape this new direction to contact me (Bob Wise) on LinkedIn.
Hyperforce
Meet the cloud platform developers love and CIOs trust.
