Prevent users from saving unprotected data directly to Sales force using Cloud Data Protection

book

Article ID: 168867

calendar_today

Updated On:

Products

CDP for Salesforce

Issue/Introduction

How to ensure that end-users are saving records through the Cloud Data Protection server and not directly through Sales force where unprotected data can be saved.
 

Resolution

Validation rules can be used in Sales force to ensure that only protected data (tokenized or encrypted) is saved to the cloud.

Note:
The prefix and suffix of cipher text are consistent within an environment.
Other environments (eg. Dev, UAT, Prod) could potentially have a different prefix and suffix.

Steps:

  1. Log into Sales force directly
  2. Copy a field containing a cipher text value
  3. Go to Setup
  4. Under Customize, select Validation Rules for the object in question
  5. Create a new validation rule for the field in question
  6. Copy the first and last character of the cipher text and create a rule similar to the below example


NOT AND( LEFT( Account.Name , 1)  = '갇', RIGHT( Account.Name , 1)  = '각')

The above example ensures that the Name field under the Account object contains protected data and will throw an exception if that is not the case.