Salesforce Security Guide

Clouds with binary code floating aboveCloud with binary code floating above

No Results

Search Tips:

  • Please consider misspellings
  • Try different search keywords
Salesforce Security Guide
Salesforce Security Basics
Authenticate Users
Give Users Access to Data
Share Objects and Fields
Strengthen Your Data’s Security with Shield Platform Encryption
What You Can Encrypt
Platform Encryption Q&A
How Encryption Works
Set Up Your Encryption Policy
Required Permissions
Generate and Manage Tenant Secrets
Set Up Field-Level Encryption
Encrypt Files
Encrypt Data in Chatter
Encrypt Data Cloud with Customer-Managed Root Keys
Encrypt Search Index Files with a Tenant Secret
Encrypt Search Index Files with a Root Key
Encrypt CRM Analytics Data
Encrypt Event Bus Data
Fix Blockers
Stop Encryption
Filter Encrypted Data with Deterministic Encryption
Key Management and Rotation
Shield Platform Encryption Customizations
Encryption Trade-Offs
Audit and Monitor Your Organization’s Security
Real-Time Event Monitoring
Security Guidelines for Apex and Visualforce Development
API End-of-Life Policy
PDF

Encrypt Search Index Files with a Tenant Secret

In orgs that don't yet use the updated search index framework, use a tenant secret in the search index encryption process. Sometimes you must search for personally identifiable information (PII) or for data that’s encrypted in the database. When you search your org, the results are stored in search index files in plaintext — a potential vulnerability. You can encrypt these search index files with Shield Platform Encryption, adding another layer of security to your data.

Some orgs use the newer search index encryption functionality. To confirm the encryption type for your org, see Encrypt Search Index Files with a Root Key.

Note

Available in both Lightning Experience and Salesforce Classic (not available in all orgs).
Available as an add-on subscription in: Enterprise, Performance, and Unlimited Editions. Requires purchasing Salesforce Shield. Available in Developer Edition at no charge.

User Permissions Needed
To generate, destroy, export, import, upload, and configure Shield Platform Encryption key material: Manage Encryption Keys
  1. From Setup, in the Quick Find box, enter Platform Encryption, and then select Key Management.
  2. In the Key Management Table, select Search Index.
  3. Select Generate Tenant Secret.
    This new tenant secret encrypts only the data stored in search index files.
  4. From Setup, in the Quick Find box, enter Encryption Settings, and then select Encryption Settings.
  5. In the Encryption Policy section, turn on Encrypt Search Indexes.
    Your search indexes are now encrypted with the active Search Index tenant secret.