Understand the Importance of Data Privacy
- Identify the different types of sensitive data.
- Understand the importance of securing sandbox data.
- Explain the options available to admins for securing sandbox data.
Why Secure Sandbox Data?
At Salesforce, trust is our number one value. We prioritized data security from the start, so we can respond to changing regulatory and customer requirements for data privacy and security. In recent years, expansive new privacy regulations such as the European Union (EU) General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) require companies to make technical and organizational changes to their security practices to ensure compliance. These regulations affect nearly every Salesforce customer. In addition, industry-specific regulations such as the Payment Card Industry Data Security Standards (PCI DSS) and the Health Insurance Portability and Accountability Act of 1996 (HIPAA) include strict privacy data protections.
Noncompliance and data breaches can result in total loss of customer trust and severe financial and legal consequences, with fines of $5,000–$100,000 per month until a company achieves compliance. GDPR infractions can lead to even larger fines of up to 4% of annual global revenues, or $20 million, whichever is greater.
Mindful of these complex privacy requirements, Salesforce systematically addresses all privacy-related systems and processes—including where sensitive data resides, how and when it moves, and who has access to it and when. While production environments are continuously scrutinized for security or privacy leaks, sandbox environments are sometimes lower priority because they're used only for testing and development. However, developers or contractors who are working in sandboxes could have access to data that would otherwise be restricted in production.
Consider this scenario. A developer at a healthcare company is responsible for creating and rolling out a new custom object to be used by admins that tracks patient satisfaction survey results. The developer hires a contractor to build the custom object in a sandbox. The developer can either manually remove all sensitive data from the org or closely monitor and control the contractor’s access to sensitive fields to protect patient privacy. Neither option is efficient nor likely to guarantee data security.
The Challenge of Securing Sandbox Data
Sandbox environments can contain personal information (PI) and personally identifiable information (PII). PI and PII data includes the names of customers, employees, phone numbers, email addresses, physical addresses, Social Security numbers, credit card and banking details, compensation information, general secrets, and more. Because sandboxes are typically used for development and testing, a larger group of developers, employees, and contractors that can’t typically access production environments might need to be given access to sandboxes. Managing sandbox data privacy often is an afterthought and if implemented can be time-consuming and difficult.
Without special tooling for sandbox data, Salesforce administrators and developers spend considerable time and resources securing full and partial sandbox data. They do so to ensure that the sensitive data in production is carefully controlled as data is replicated from production to sandbox environments.