Salesforce.com is stepping up its efforts to woo security-conscious businesses by adding “bring your own key” encryption to its Salesforce Shield cloud services.
Introduced a year ago, Shield offers encryption, auditing and event-monitoring functions to help companies build cloud apps that meet compliance or governance requirements. Encryption is based on keys generated by Salesforce using a combination of an organization-specific “tenant secret” and a Salesforce-maintained master one. Originally, secrets and keys in Shield were generated and managed through Salesforce’s built-in key-management infrastructure, accessed through a point-and-click interface.
