Veeva CRM Support of Salesforce.com Shield

In the Fall of 2015, Salesforce.com released a set of integrated services giving customers enhanced visibility and control of sensitive data and processes being persisted/conducted on the Force.com platform. These services are grouped together and called Salesforce.com Shield. There are three major services:

Of the three services, Platform Encryption poses a potential risk to the Veeva CRM application. Platform Encryption involves encrypting data at the field level while at rest in the Salesforce.com database. When this is enabled for a particular field, the field cannot be used in SOQL WHERE clauses. Given that the majority of Veeva CRM applications across the board use SOQL WHERE clauses to function, if a field that is used or could potentially be used in these areas is encrypted, the feature encounters an error.

This is a Force.com platform limitation and not something particular to the Veeva application and not something Veeva can work around. This means that the SOQL queries will not only fail in the Veeva application but will also fail in Salesforce.com reporting, third-party AppExchange applications, custom Apex, third-party integrations etc.

Platform encryption also has several other limitations that are important to be aware of. The standard Salesforce fields and custom field encryption limitations exist can be found on Salesforce.

If it is decided to explore the possibility of enabling this feature for a particular set of fields, an environment-focused impact analysis must be done in order to understand the impact to Veeva and other platform/integration tools active in the environment. As Salesforce.com will recommend in documentation, it is important to be very specific and conservative when deciding which fields to encrypt.