Description of the problem

Corporate owners face a dual challenge concerning Salesforce. On one hand, Salesforce users, including employees and customers, highly appreciate the platform's interaction and user experience, as it simplifies their work, boosts daily productivity, and accelerates tasks. On the other hand, corporate owners must navigate the complexities of confidentiality, protection, privacy, and regulatory constraints within SaaS and Cloud solutions as Salesforce.

The application of Salesforce-related laws, such as the Cloud Act, can intersect with local regulations like GDPR in Europe or raise concerns related to strategic geopolitical sovereignty issues and Industrial espionage issues.

Within the Salesforce platform, data assumes various levels of importance and sensitivity. While certain information may be publicly available and non-sensitive, other data types are commonly utilized and require a certain level of attention. Moreover, there exists a category of data that necessitates special care due to its critical, confidential, or regulated nature.

Figure: some data need special care due to its critical, confidential, or regulated nature

Protecting this data from being accessed or potentially accessible by Salesforce is crucial. Although the volume of such data may be relatively small, its confidentiality can be a significant factor that impacts Salesforce adoption, scalability, and the ability to derive maximum value from the platform.

While existing solutions may be available, they often impose excessive restrictions on end users or IT stakeholders, or they require substantial effort without providing comprehensive coverage.