Setting up a Simple Encrypted Custom Text Field
Keeping customer data secure is a major requirement, and something you should want to do to better serve your customers. Salesforce has multiple layers of security along with a breadth of tools available to keep important data hidden, while still being stored in your org. One of those tools is called Classic Encryption.
What is Classic Encryption?
Classic Encryption allows you to protect data stored in custom fields. It allows you to create a custom field for the purpose of storing sensitive data, such as customer Credit Card information. Instead of values being displayed fully, characters are replaced with asterisks so the data stays hidden. Although it has “classic” in the name, this is a viable option for the Lightning User Interface, as well.
How to Create a Custom Encrypted Field
One common example is how to capture Credit Card information on the Account object. This example is laid out below, with tips on best practices to follow.
- Navigate to the object in Setup where your new field should be located, and under “Fields & Relationships”, select “New”. When choosing the field type, be sure to select “Text (Encrypted)”, and then select “Next”.
- Enter the data in the required fields. For “Mask Type”, we chose “Credit Card Number” because it best fit this request by providing “-” between the numbers. There are other options, such as “Mask All Numbers”.
- Be sure to pay attention to which profiles have visibility and read-only access. You’ll want to be careful not to make this field very open in your org. Double check that you have given “System Administrator” access in the Visible column, as well as any automated user profile that may need to make updates automatically. Select “Next”.
- Add the field to the appropriate page layouts, keeping in mind only what is necessary. Select “Save” when you’re done.
Navigate to your Account record and make sure it’s right where you need it on your page layout!
What Permissions Need to Be Given for Encrypted Fields?
Even though you may have made it visible and placed it on the page layout, there is still a step needed to ensure certain users can actually see the data once it is displayed. This should only be done for users that should see the data in its entirety, such as a manager in Finance, or a System Administrator.
The “View Encrypted Data” permission will need to be given for those particular users. There are a few ways to do this, but one is recommended over the others. Whenever you have a small number of users that need access to data, a Permission Set is recommended instead of making Profile changes. Also, this General User Permission cannot be added to standard profiles, such as System Administrator, and can only be given to Custom Profiles. Therefore, the permission set makes more sense in this case.
It’s important to note that If a user has this permission, as well as the ability to clone records, they can then clone that value, as well. Also, if this user grants login access to others, those additional individuals can see the data (such as Salesforce Support).
Important Information to Keep in Mind When Creating an Encrypted Field
We cannot stress enough that you should only create an Encrypted field when absolutely necessary. Once this field is created, you will need a plan to ensure that you can abide by Privacy and Consumer Information laws such as General Data Protection Regulation (GDPR) or California Consumer Privacy Act (CCPA). If someone inquires about how that data is stored, or communicates that they wish to be removed from your database, you must be able to honor those requests. Storing information – even if it is encrypted – can be dangerous if the consumer has asked to be removed.
There are other considerations to keep in mind when working with encrypted fields when it comes down to permissions. Encrypted fields can be edited even if the user does not have the “View Encrypted Data” permission. You must use other forms of validation or permissions restrictions to prevent edits if that is a concern. Also, this data may not remain hidden when being displayed in a debug log. Encrypted data can also be displayed in report results, but not used to define report criteria. Likewise, the data cannot be searched upon in the org, but can be displayed in search results. They cannot be used in workflow rules, formula fields, or lead conversion. It is also a good idea to have “Require Secure Connections (HTTPS)” enabled in your org.
Remember, this is not the same as Salesforce Shield, but does take your org one step further in protecting customer data. This can be a great tool for peace of mind for your customers in keeping them, and their data, more secure.
Further Reading and Resources: