Newer Version Available
What’s the Difference Between Classic Encryption and Shield Platform Encryption?
With Shield Platform Encryption, you can encrypt
a variety of widely used standard fields, along with some custom fields and many kinds of
files. Shield Platform Encryption also supports person
accounts, cases, search, approval processes, and other key Salesforce features. Classic
encryption lets you protect only a special type of custom text field, which you create for
that purpose.
| Available as add-on subscription in: Enterprise, Performance, and Unlimited Editions. Requires purchasing Salesforce Shield. Available in Developer Edition at no charge for organizations created in Summer ’15 and later. |
| Available in both Salesforce Classic and Lightning Experience. |
| Feature | Classic Encryption | Shield Platform Encryption |
|---|---|---|
| Pricing | Included in base user license | Additional fee applies |
| Encryption at Rest | ![]() |
![]() |
| Native Solution (No Hardware or Software Required) | ![]() |
![]() |
| Encryption Algorithm | 128-bit Advanced Encryption Standard (AES) | 256-bit Advanced Encryption Standard (AES) |
| HSM-based Key Derivation | ![]() |
|
| “Manage Encryption Keys” Permission | ![]() |
|
| Generate, Export, Import, and Destroy Keys | ![]() |
![]() |
| PCI-DSS L1 Compliance | ![]() |
![]() |
| Masking | ![]() |
![]() |
| Mask Types and Characters | ![]() |
|
| “View Encrypted Data” Permission Required to Read Encrypted Field Values | ![]() |
![]() |
| Encrypted Standard Fields | ![]() |
|
| Encrypted Attachments, Files, and Content | ![]() |
|
| Encrypted Custom Fields | Dedicated custom field type, limited to 175 characters | ![]() |
| Encrypt Existing Fields for Supported Custom Field Types | ![]() |
|
| Search (UI, Partial Search, Lookups, Certain SOSL Queries) | ![]() |
|
| API Access | ![]() |
![]() |
| Available in Workflow Rules and Workflow Field Updates | ![]() |
|
| Available in Approval Process Entry Criteria and Approval Step Criteria | ![]() |
