Salesforce Bolsters Real-Time Data Security

    Slide Show

    10 Security Trends to Look for in 2016

    Given the sensitivity of the data stored in customer relationship management (CRM) applications, it should come as no surprise that there is a lot of concern over how to secure that data. To address that issue, Salesforce today extended a security policy engine service that now makes it possible to limit who gets to see which data stored in its applications in real time.

    Seema Kumar, senior director of product marketing for Salesforce, says the Transaction Security service is an extension of Salesforce Shield that makes use of new event monitoring tools that IT organizations can then use to either block entirely or simply generate an alert when a user tries to access a certain type of data without permission. The IT organization can use Salesforce Shield to determine the specific action across a broad set of data.

    In addition, Kumar says Salesforce will soon extend this capability to not only its own applications, but all the applications that tap into the same customer records stored in the Salesforce cloud ecosystem.


    For all the investments in IT security over the years, it’s becoming clear that the battle to secure applications is coming down to individual sets of data. Whether it’s an internal or external threat, IT organizations need to work closely with the business to put a set of controls in place that secures specific types of data.

    Naturally, there’s always going to be some form of debate as to which types of data need more security than others. But the one thing that just about everybody inside and out of IT should be able to agree on is that data about customers is highly sensitive, if for no other reason than the simple fact that compromised customer data inevitably results in a series of conversations and actions that most organizations would much rather not have.


    Mike Vizard
    Mike Vizard
    Michael Vizard is a seasoned IT journalist, with nearly 30 years of experience writing and editing about enterprise IT issues. He is a contributor to publications including Programmableweb, IT Business Edge, CIOinsight and UBM Tech. He formerly was editorial director for Ziff-Davis Enterprise, where he launched the company’s custom content division, and has also served as editor in chief for CRN and InfoWorld. He also has held editorial positions at PC Week, Computerworld and Digital Review.

    Latest Articles