Newer Version Available
Encrypt New Data in Standard Fields
You can encrypt standard fields on standard objects at rest with Shield Platform
Encryption. For the best results, encrypt the least number of fields possible.
| Available as an add-on subscription in: Enterprise, Performance, and Unlimited Editions. Requires purchasing Salesforce Shield or Shield Platform Encryption. Available in Developer Edition at no charge. |
| Available in both Salesforce Classic and Lightning Experience. |
| User Permissions Needed | |
|---|---|
| To view setup: | View Setup and Configuration |
| To encrypt fields: | Customize Application |
Depending on the size of your org, enabling a standard field for encryption can take a few minutes.
- Make sure that your org has an active encryption key. If you’re not sure, check with your administrator.
- From Setup, in the Quick Find box, enter Encryption Settings, and then select Encryption Settings.
- In the Advanced Encryption Settings section, click Select Fields.
- Click Edit.
-
Select the fields that you want to encrypt.
All new data entered in this field is encrypted. By default, data is encrypted using a probabilistic encryption scheme. To apply deterministic encryption to your data, select Deterministic from the Encryption Scheme list. For more information, see “How Deterministic Encryption Supports Filtering” in Salesforce Help.
- Save your work.
The automatic Platform Encryption validation service checks for settings in your org
that can block encryption. You receive an email with suggestions for fixing incompatible
settings.
Field values are automatically encrypted only in records created or updated after
you’ve enabled encryption. Synchronize existing data with your active key material on
the Encryption Statistics and Data Sync page.