You've Changed: Field Audit Trails and the Salesforce Time Machine

You’ve Changed! - Field Audit Trail and the Salesforce Time Machine

Jonathan BruceDirector of Product ManagementSalesforce@jonbruce

Jennifer McClainDirector, Product ManagementCloudLock@jenniferdigital

It’s been a busy year...

CIOs are struggling to balance innovation and compliance

RegulationsNew Tech

World’s Most Trusted Enterprise CloudTrust is our #1 value

Five Elements of Trust

Transparency

Always on availability

Performance at scale

Global data centers

Enterprise compliance

Q1 Transactions211B+ Customers

150kApps2M+

Salesforce Trust Services

Infrastructure Services

AnalyticsCommunityMarketingServiceSales Apps

Network Services

Application Services

Secure Data Centers

Backup and Disaster Recovery

47 Major Releases

HTTPS Encryption

Penetration Testing

AdvancedThreat Detection

Identity & Single Sign On

Two Factor Authentication

User Roles & Permissions

Field & Row Level Security

Secure Firewalls

Real-time replication

Password Policies

Third Party Certifications

IP Login Restrictions

CustomerAudits

150,000+ customers 2,000,000+ apps

Sixteen years of innovation on the world’s most trusted cloud

Introducing: Salesforce Shield

Infrastructure Services

Network Services

Application Services

Secure Data Centers

Backup and Disaster Recovery

HTTPS Encryption

Penetration Testing

AdvancedThreat Detection

Identity & Single Sign On

Two Factor Authentication

User Roles & Permissions

Field & Row Level Security

Secure Firewalls

Real-time replication

Password Policies

Third Party Certifications

IP Login Restrictions

CustomerAudits

Salesforce ShieldPlatform Encryption

Event Monitoring

Field Audit Trail

New services to help you build trusted apps fast

Monitor User ActivityKnow who is accessing data from where

Optimize Performance Troubleshoot application performance to improve end user experience

Track Application Usage Understand application usage to increase adoption

Gain Visibility Into User Actions with Event Monitoring

Encrypt Sensitive Data While Preserving Business Functionality

Seamlessly protect data at restEncrypt standard & custom fields, files & attachments

Natively integrated with key Salesforce featuresE.g., Search, Chatter, Lookups work with encrypted data

Customer managed keysCustomer-driven encryption key lifecycle management

Strengthen Data Integrity with Field Audit Trail

Ensure data is accurate, complete & reliableAnswers the who, what, when of data changes

Establish Data Retention PoliciesComply with internal and industry regulations

Track and Access Data at ScaleBig data back-end for more fields for longer retention

“I need the ability to audit who has viewed a records regardless of how they access

it” - -Summa (SI) -Phillips Sapphire

“I have a customer that had an issue where they were hacked a couple months ago. The hack stole someone's SFDC user name/PW and extracted a list of their contacts & customer info. They spent weeks with legal teams, insurance and the like afterwards (big $$). ” - Charles Schwab

Security & Audit Use Cases

-Summa (SI)-Phillips Sapphire

“Our case object is the core of our org, and records everything. We have maybe 100 fields on there that track all sorts of metrics – whether it’s a case, various actionable dates, attributes, etc. We’re going need to add even more in order to support the latest product release cases. - Wearable Device Vendor

Business Process Use Cases

Biggest Asks from the Past Year

● New Retention Policy UI - most requested feature!

● True up all objects types for parity with Field History Tracking

● Improved SOQL capabilities

● Round out field type coverage (large text field, multi-select picklists...)

● Longer Retention periods

Now, You Can Enhance Record Retention CapabilitiesKeep track of your data evolution and life cycle

3x20FIELDS PER OBJECTFIELDS PER OBJECT

Out-of-the-Box Field Audit Trail

Applies to all editions: Contact Manager, Group, Professional, Enterprise, Performance, Unlimited, Developer

SOQL

Bulk API

Maximize Auditability Without Sacrificing PerformanceRetain archived field history data up to 10 years, independent of field history tracking

1810

MONTHS

YEARS

SALESFORCE FIELD AUDIT TRAIL

1DAY

FIELD HISTORY

accountscontacts leads

opportunities

cases

custom object

custom objectcustom object

custom object

custom object

custom objectcustom objectinspection

warehouse inventory

positionjob

review

badge

workstation

workstation

user story patient medicationsbudgets

expenses

members

points

transactions

OUT-OF-THE BOX CUSTOM POLICYDATA ARCHIVE

bug

applicant

candidate

Secure Online Data Archive for Business ComplianceSingle normalized data set for easier query, storage and accessibility

Field Audit Trail in a NutshellSingle normalized data set for easier query, storage and accessibility

What’s Next For Field Audit Trail?

Moving Quickly to Address Swiss Cheese Effect

Biggest asks from the past year include:

● New Retention Policy UI - most requested feature!

● True up - entity types for parity with Field History Tracking

● Improved SOQL capabilities

● Round out field type coverage (large text field, multi-select picklists...)

● Longer Retention periods

Field Audit Trail - Policy Configuration UI

Assess Field Audit riskOrg-wide view of field audit tracking in your org

Overview of PoliciesHolistic view of object-specific retention policies

Policy DeploymentImmediate policy enforcement

Availablepost #DF

‘15

Demo - Field Audit Trail UIShawn Butterfield, PMM

CloudLock

Jennifer McClainDirector of Product Managementjennifer@cloudlock.com@jenniferDigital

USERS &

APPS

DATA

INFRASTRUCTURE

● Behavioral Anomaly● 3rd Party Apps granted access to data

● Cloud Data Protection & Governance

● Regulatory Compliance

● Audit Logs● Security APIs

CloudLock Enables Customers to Securely Embrace the Cloud

IT Security

App Developer

Homegrown Apps

ISV Cloud Apps

Enterprise

SaaS

force.com

PaaS and IaaS

Content Classification

User Behavior Analytics

. . .Encryption

ManagementApps

Firewall

force.com

IDaaS

Configuration Security

CloudLock Security Fabric 2.0: Cybersecurity-as-a-Service

INFRASTRUCTURE

CloudLock and Salesforce Shield

CloudLock Overview

Top Use Cases• Account Compromise• Data Breach• Cloud Malware• Regulatory Compliance• Security Ops & Audit

CloudLock: Healthcare and Financial Policy Packs

Field Audit Trail in CloudLock’s Security Fabric

• Compliance Auditing• Forensics• User Education

The Future of Field Audit Trails in CloudLock’s Security Fabric

• Gain insight into your existing Field Audit Trail configuration from a compliance perspective.

• Fine tune your Field Audit Trail settings to enhance platform security

• Realize the impact of archival with proper Data Retention Policies.

• Prescriptive analytics aid in security & compliance best practices

The Future of Field Audit Trail in CloudLock’s Security Fabric

• Automated, Policy-Driven Response Actions to selectively archive field history

Thank you