Newer Version Available

This content describes an older version of this product. View Latest

Encrypt New Data in Standard Fields

You can encrypt standard fields on standard objects from the Encryption policy page. For best results, encrypt the least amount of fields possible.
Available as an add-on subscription in: Enterprise, Performance, and Unlimited Editions. Requires purchasing Salesforce Shield. Available in Developer Edition at no charge for orgs created in Summer ’15 and later.
Available in both Salesforce Classic and Lightning Experience.

User Permissions Needed
To view setup: View Setup and Configuration
To encrypt fields: Customize Application

This page is about Shield Platform Encryption, not Classic Encryption. What's the difference?

Note

Depending on the size of your org, enabling a standard field for encryption can take a few minutes.

  1. Make sure that your org has an active encryption key. If you’re not sure, check with your administrator.
  2. From Setup, in the Quick Find box, enter Platform Encryption, and then select Encryption Policy.
  3. Click Encrypt Fields.
  4. Click Edit.
  5. Select the fields you want to encrypt.
    All new data entered in this field is encrypted. By default, data is encrypted using a probabilistic encryption scheme. To apply deterministic encryption to your data, select Deterministic from the Encryption Scheme list. For more information, see “How Deterministic Encryption Supports Filtering” in Salesforce Help.
  6. Click Save.
The automatic Platform Encryption validation service checks for settings in your org that can block encryption. You receive an email with suggestions for fixing incompatible settings.
Field values are automatically encrypted only in records created or updated after you’ve enabled encryption. Contact Salesforce to update existing records so that their field values are encrypted.

To encrypt standard fields on custom objects, such as Custom Object Name, see Customize Standard Fields and select Encrypt the contents of this field.

Note