Why should you mask data in Salesforce and what kind of data should you be masking to ensure security, compliance and trust. Let's take an example. You may have a policy that states that customer data should not be accessible in sandbox.

Very common if we are doing offshoring working with third party developers and consultants. You also want to remove unnecessary business sensitive data from sandboxes. And delete and update anything else.

Let's take a look at how this can work across all of these sandboxes you may have. You may have personal data such as  customer information. You may have business sensitive data, such as opportunities, quotes, who do you sell to, how much do you sell it for? And you have other information.

When you think about masking sensitive data, you want to do that across full, partial, developer and developer pro sandboxes. Personal information is also present in your dev sandboxes because it includes user data. So if you have 500 Salesforce users, their email address, phone number or anything else, is present in Dev and Dev Pro sandboxes.

In addition to this, of course you're full and partial are a treasure trove of customer information in contacts, leads, community users. You may also have a lot of personally identifiable data in Cases, in Opportunities, Orders and others. This is the information you definitely want to mask.

In addition, you may want to mask business sensitive data such as product and Pricebook, Quotes, Orders, things like that. Finally, you may want to update setup, config data, such as custom settings, labels and remote site settings.

The second component is to delete unneeded data. Obviously your Dev and Dev Pro don't have additional data, but for full and partial, delete unstructured data, attachments, email history, chatter, files, tasks and other irrelevant data.

Particularly for large Salesforce orgs, you are better off masking what needs to be masked for testing, training and other usage. Anything else that you can get rid of by deletion, do that. That's a much faster approach. And finally for Dev and Dev Pro, you don't need to do anything else.

This is just a step one in a data reduction framework. They could look at the link to see other steps you can take to ensure data security in your organization? Thank you so much.

 

Leave a Reply

Your email address will not be published. Required fields are marked *