While the app economy has companies keenly aware of the need to bring their apps to market quickly to keep up with their competition, but for companies with serious governance concerns or in regulated industries that’s often easier said than done.
Security and compliance concerns can’t be dismissed in the rush to get an app into the app store, and that’s a concern cloud-based customer relationship management software vendor Salesforce with a new solution, Salesforce Shield. The new set of services includes Field Audit Trail, Platform Encryption, Data Archive and Event Monitoring.
Companies are using cloud platforms such as the Salesforce1 platform to quickly develop and deliver apps for their business using simple, templates processed that don’t require extensive coding knowledge. But the companies were previously on their own when it came to integrating features for compliance and ensuring apps met both internal and external governance processes. For example, a health care provider may want to develop an app to help practitioners pull up patient information on a mobile device, but they need to be very careful with how sensitive personal information is handled.
“While many companies are leveraging the cloud to build apps at the speed of business, those in regulated industries have struggled to take full advantage of the cloud due to regulatory and compliance constraints,” said Tod Nielsen, executive vice-president of Salesforce1 Platform with Salesforce, in a statement. “With Salesforce Shield, we are liberating these IT leaders and developers, and empowering them to quickly build the cloud apps their businesses need, with the trust Salesforce is known for.”
Salesforce Shield is designed to allow app developers to use drag-and-drop tools to add auditing, encryption, archiving and monitoring into apps they’re building on the Salesforce1 platform. The features can also be added to any app natively built on the platform, including apps in the partner ecosystem, and allows ISVs to secure their apps before adding them for sale to the Salesforce AppExchange.
Included within Salesforce Shield is Platform Encryption, which allows developers to designate the sensitive data they want encrypted without impeding the business workflow the app is designed to enable. Data Archive allows historical data that doesn’t need to be accessed regularly to be moved into nearline storage on the Salesforce1 Platform so it’s still available as required, but at a lower storage cost. With Field Audit Trial, data changes can be tracked for up to 10 years with different policies set for each piece of data according to regulatory and governance requirements. And Event Monitoring allows companies to see who is using their apps and what they’re doing with them; for example, if someone is downloading information they shouldn’t be.
According to Salesforce, pricing for the new Shield services will be based on a percentage of their total spend with the company, and companies can choose to purchase select components or all of them. Field Audit Trail, Event Monitoring, and Platform Encryption now available, and Data Archive will follow next year.