Where does Salesforce platform encryption fall short?

Mike Schuricht wrote an interesting post, "Where does Salesforce platform encryption fall short?", that I would like to share.

“Salesforce Shield (Salesforce's platform encryption product) has now been on the market for about a year and a half. The goal is to encrypt data at rest in Salesforce with a bring your own key (BYOK) approach which was introduced in July. The solution sounds great, but doesn't deliver on the main reasons you would want to encrypt cloud data in the first place.

One reason to encrypt is to maintain ownership of keys and not allow the SaaS app to see your sensitive data at all. BYOK allows you to control the keys with your own key management system (KMS), but Salesforce can decrypt data on the fly at any time, exposing data in clear text in the app. What have you really gained?

A blind subpoena by the government could result in data turnover without your knowledge. You would not have the opportunity to deny or disconnect access from your KMS unless Salesforce explicitly asked you if it was ok. Most cloud app vendors have been fighting the government for some time on these requests, but it is definitely a possibility.

Another issue is the App Marketplace where other apps can be installed on top of Salesforce or connect your Salesforce instance to their own cloud infrastructures. Cloud apps which connect using Salesforce APIs get access to the decrypted version of the data. This is a major flaw with cloud encryption provided by an app vendor: data is encrypted and protected in that app, but what about all of the other apps connected to Salesforce? If sensitive data is encrypted in Salesforce, then synced and stored in another cloud app unencrypted, you are not meeting your goal.

Yet another challenge is protecting data wherever it resides. Protection of data downloaded or synced to endpoints connecting to the apps is important too. If data is encrypted in Salesforce and a user runs a report to export all Contact records, downloads those unencrypted records as a spreadsheet, and then leaves the company, what have you achieved? The protection of data in the cloud “worked” but data was exfiltrated and not protected in any way after export.

SaaS security has always been an interesting area to follow since app vendors continue to add various features to increase support for cloud access controls, cloud data loss prevention (DLP), and cloud encryption, to name a few key features. This is great for customers since increased security options allow for better data protection and an opportunity to avoid having to cobble together a makeshift solution from existing technologies. The main problem with the approach is each app supports different things, in differing degrees of maturity, and this leads to fragmented security.

For consistent security, access control, and encryption, you really need a third-party cloud security platform. This agnostic approach allows admins to configure policies across multiple apps to provide holistic total data protection.

Cloud access security brokers (CASB) offer unique solutions to meet these needs across the many cloud apps adopted by the enterprise.”

_____

Source:

Mike Schuricht

www.bitglass.com/blog/where-does-salesforce-platform-encryption-fall-short
