Last year Salesforce introduced Salesforce Shield, a set of integrated services built natively into the Salesforce platform. Salesforce Shield raised the bar for customers with complex governance and compliance needs, empowering them to monitor and encrypt sensitive cloud data at rest—all with point and click tools.
Today, Salesforce is excited to extend Salesforce Shield’s Platform Encryption service with Bring Your Own Encryption Key (BYOK) capability. This new feature, now in pilot, allows customers to generate and supply their own tenant secret to derive encryption keys, giving them increased ownership of data security.
With Salesforce Shield’s Platform Encryption built into our metadata platform, customers can encrypt data while preserving important business functionality, such as workflows, search and validation rules. And now, Salesforce has extended the same user-centric approach to BYOK, giving customers even more control over the encryption key lifecycle.