What does “at rest” mean involving data encryption?












1















I've been reading the Salesforce Security Guide and it mentions involving Salesforce Shield and Platform Encryption that it




allows you to natively encrypt your most sensitive data at rest across
all your Salesforce apps.




What does "at rest" mean? How is this different than an encrypted field?






platform-encryption shield







share|improve this question





























    1















    I've been reading the Salesforce Security Guide and it mentions involving Salesforce Shield and Platform Encryption that it




    allows you to natively encrypt your most sensitive data at rest across
    all your Salesforce apps.




    What does "at rest" mean? How is this different than an encrypted field?






    platform-encryption shield







    share|improve this question



























      1












      1








      1








      I've been reading the Salesforce Security Guide and it mentions involving Salesforce Shield and Platform Encryption that it




      allows you to natively encrypt your most sensitive data at rest across
      all your Salesforce apps.




      What does "at rest" mean? How is this different than an encrypted field?






      platform-encryption shield







      share|improve this question
















      I've been reading the Salesforce Security Guide and it mentions involving Salesforce Shield and Platform Encryption that it




      allows you to natively encrypt your most sensitive data at rest across
      all your Salesforce apps.




      What does "at rest" mean? How is this different than an encrypted field?






      platform-encryption shield




      platform-encryption shield






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited 3 hours ago







      Tyler Zika

















      asked 3 hours ago









      Tyler ZikaTyler Zika

      1,0741927




      1,0741927






















          1 Answer
          1






          active

          oldest

          votes


















          2














          The "encrypted fields" feature use encryption keys managed by Salesforce, only works for custom fields, and can show masked data (e.g. ***-**-1234 instead of the full 9 digit number). Platform encryption uses encryption keys defined by the customer, can encrypt many standard and custom fields and file types, but cannot show masked data.



          Data at rest simply refers to data that is stored in the database (i.e. while is is on the hard drive of one of the servers). It is decrypted on demand when the records are retrieved from storage, and encrypted on demand when stored to the database.



          Encrypted fields is primarily for HIPAA and other privacy requirements, while platform encryption is primarily for complying with government and security regulations regarding how data is stored when placed on permanent storage.



          Note that "permanent storage" does not mean the data can never be altered or removed, but simply means that when the servers are rebooted, that data is not lost. This is opposed to temporary storage (e.g. RAM) that may be lost in the event of power failure, a reboot, etc.






          share|improve this answer























            Your Answer








            StackExchange.ready(function() {
            var channelOptions = {
            tags: "".split(" "),
            id: "459"
            };
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function() {
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled) {
            StackExchange.using("snippets", function() {
            createEditor();
            });
            }
            else {
            createEditor();
            }
            });

            function createEditor() {
            StackExchange.prepareEditor({
            heartbeatType: 'answer',
            autoActivateHeartbeat: false,
            convertImagesToLinks: false,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: null,
            bindNavPrevention: true,
            postfix: "",
            imageUploader: {
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            },
            onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            });


            }
            });














            draft saved

            draft discarded


















            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsalesforce.stackexchange.com%2fquestions%2f252312%2fwhat-does-at-rest-mean-involving-data-encryption%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown

























            1 Answer
            1






            active

            oldest

            votes








            1 Answer
            1






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes









            2














            The "encrypted fields" feature use encryption keys managed by Salesforce, only works for custom fields, and can show masked data (e.g. ***-**-1234 instead of the full 9 digit number). Platform encryption uses encryption keys defined by the customer, can encrypt many standard and custom fields and file types, but cannot show masked data.



            Data at rest simply refers to data that is stored in the database (i.e. while is is on the hard drive of one of the servers). It is decrypted on demand when the records are retrieved from storage, and encrypted on demand when stored to the database.



            Encrypted fields is primarily for HIPAA and other privacy requirements, while platform encryption is primarily for complying with government and security regulations regarding how data is stored when placed on permanent storage.



            Note that "permanent storage" does not mean the data can never be altered or removed, but simply means that when the servers are rebooted, that data is not lost. This is opposed to temporary storage (e.g. RAM) that may be lost in the event of power failure, a reboot, etc.






            share|improve this answer




























              2














              The "encrypted fields" feature use encryption keys managed by Salesforce, only works for custom fields, and can show masked data (e.g. ***-**-1234 instead of the full 9 digit number). Platform encryption uses encryption keys defined by the customer, can encrypt many standard and custom fields and file types, but cannot show masked data.



              Data at rest simply refers to data that is stored in the database (i.e. while is is on the hard drive of one of the servers). It is decrypted on demand when the records are retrieved from storage, and encrypted on demand when stored to the database.



              Encrypted fields is primarily for HIPAA and other privacy requirements, while platform encryption is primarily for complying with government and security regulations regarding how data is stored when placed on permanent storage.



              Note that "permanent storage" does not mean the data can never be altered or removed, but simply means that when the servers are rebooted, that data is not lost. This is opposed to temporary storage (e.g. RAM) that may be lost in the event of power failure, a reboot, etc.






              share|improve this answer


























                2












                2








                2







                The "encrypted fields" feature use encryption keys managed by Salesforce, only works for custom fields, and can show masked data (e.g. ***-**-1234 instead of the full 9 digit number). Platform encryption uses encryption keys defined by the customer, can encrypt many standard and custom fields and file types, but cannot show masked data.



                Data at rest simply refers to data that is stored in the database (i.e. while is is on the hard drive of one of the servers). It is decrypted on demand when the records are retrieved from storage, and encrypted on demand when stored to the database.



                Encrypted fields is primarily for HIPAA and other privacy requirements, while platform encryption is primarily for complying with government and security regulations regarding how data is stored when placed on permanent storage.



                Note that "permanent storage" does not mean the data can never be altered or removed, but simply means that when the servers are rebooted, that data is not lost. This is opposed to temporary storage (e.g. RAM) that may be lost in the event of power failure, a reboot, etc.






                share|improve this answer













                The "encrypted fields" feature use encryption keys managed by Salesforce, only works for custom fields, and can show masked data (e.g. ***-**-1234 instead of the full 9 digit number). Platform encryption uses encryption keys defined by the customer, can encrypt many standard and custom fields and file types, but cannot show masked data.



                Data at rest simply refers to data that is stored in the database (i.e. while is is on the hard drive of one of the servers). It is decrypted on demand when the records are retrieved from storage, and encrypted on demand when stored to the database.



                Encrypted fields is primarily for HIPAA and other privacy requirements, while platform encryption is primarily for complying with government and security regulations regarding how data is stored when placed on permanent storage.



                Note that "permanent storage" does not mean the data can never be altered or removed, but simply means that when the servers are rebooted, that data is not lost. This is opposed to temporary storage (e.g. RAM) that may be lost in the event of power failure, a reboot, etc.







                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered 3 hours ago









                sfdcfoxsfdcfox

                257k12202445




                257k12202445






























                    draft saved

                    draft discarded




















































                    Thanks for contributing an answer to Salesforce Stack Exchange!


                    • Please be sure to answer the question. Provide details and share your research!

                    But avoid



                    • Asking for help, clarification, or responding to other answers.

                    • Making statements based on opinion; back them up with references or personal experience.


                    To learn more, see our tips on writing great answers.




                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function () {
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsalesforce.stackexchange.com%2fquestions%2f252312%2fwhat-does-at-rest-mean-involving-data-encryption%23new-answer', 'question_page');
                    }
                    );

                    Post as a guest















                    Required, but never shown





















































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown

































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown







                    -

                    Popular posts from this blog

                    How to label and detect the document text images

                    Image
                    1 $begingroup$ This is what I mean as document text image: I want to label the texts in image as separate blocks and my model should detect these labels as classes. NOTE: This is how the end result should be like: The labels like Block 1, Block 2, Block 3,.. should be Logo, Title, Date,.. Others, etc. Work done: First approach : I tried to implement this method via Object Detection, it didn't work. It didn't even detect any text. Second approach : Then I tried it using PixelLink. As this model is build for scene text detection, it detected each and every text in the image. But this method can detect multiple lines of text if the threshold values are increased. But I have no idea how do I add labels to the text blocks. PIXEL_CLS_WEIGHT_all_ones = 'PIXEL_CLS_WEIGHT_all_ones' PIXEL_C
                    Read more

                    Vallis Paradisi

                    Image
                    Coordinata: .mw-parser-output .geo-default,.mw-parser-output .geo-dms,.mw-parser-output .geo-dec{display:inline}.mw-parser-output .geo-nondefault,.mw-parser-output .geo-multi-punct{display:none}.mw-parser-output .longitude,.mw-parser-output .latitude{white-space:nowrap} 33°03′S 71°37′W  /  33.05°S 71.617°W  / -33.05; -71.617 Vallis Paradisi Res apud Vicidata repertae: Civitas : Chilia Numerus incolarum : 296 655 Zona horaria : UTC-4 Situs interretialis Nomen officiale : Valparaíso Gubernium Consilium : municipal council of Valparaíso Geographia Superficies : 401 600 000 Metrum quadratum Coniunctiones urbium Urbes gemellae : Ovetum , Badalona , Santa Fe , Ora longa , Sciamhaevum , Quantunia , Callao , Bat Yam , Melaka , Novorossiysk , Busan , Corduba , Odessa , Rosario , Malacca , Barcino , Soteropolis , Franciscopolis (California) , Guanajuato, Silao Tabula aut despectus Despectus in portum sinumque et urbem Vallis Paradisi Vallis Para
                    Read more

                    Tabula Rosettana

                    Image
                    Tabula multilinguis Rosettana in Museo Britannico ostenditur. Tabula Rosettana, [1] etiam titulo OGIS 90 agnita, est stela decreto de rebus sacris in Aegypto anno 196 a.C.n. lato inscripta. Tabula iuxta Rosettam Aegypti, urbem in delta Nili et ad oram maris Mediterranei iacentem, anno 1799 a milite Francico reperta est. Inventio stelae, linguis duabus scripturisque tribus inscriptae, eruditis Instituti Aegypti statim nuntiata est; ibi enim iussu imperatoris Napoleonis eruditi omnium scientiarum (sub aegide Commissionis Scientiarum et Artium) properaverant cum expeditione Francica. Qua a Britannis mox debellata, tabula Rosettana Londinium missa hodie apud Museum Britannicum iacet. Textus Graecus cito lectus interpretationi textuum Aegyptiorum (in formis hieroglyphica et demotica expressorum) gradatim adiuvit. Denique textum plene interpretatus est Ioannes Franciscus Champollion. Ab opere eruditorum cumulativo coepit hodiernus scripturae hieroglyphicae linguaeque Aegyptiae a
                    Read more