Earlier today Salesforce launched Salesforce Shield, a set of administrative PaaS capabilities aimed at bringing to the Salesforce1 platform a number of key (and long desired) capabilities like archiving, encrypting and monitoring.
But let’s dissect the press release in our common commentary style:

SAN FRANCISCO--July 14--Salesforce [NYSE: CRM], the Customer Success Platform and the world’s #1 CRM company, today launched Salesforce Shield, a new set of Salesforce1 Platform services that include Field Audit Trail, Platform Encryption, Data Archive and Event Monitoring.
Now, companies with compliance or governance requirements, or businesses in regulated

industries can build trusted cloud apps fast--using clicks, not code.  Leading organizations such as First Data and Genomic Health are using Salesforce Shield today to build trusted apps. 
MyPOV – Salesforce is adding key platform capabilities to Salesforce1 with audit, encryption, archive and event monitoring capabilities. It is good to see these coming, some of them like Archiving have been something Salesforce customers have been waiting for since some time. And the set of four capabilities is key for all companies, as literally all of them are confronted with an increase of regulatory and government requirements. To a certain point Salesforce has been lucky to focus on CRM, which traditionally has been less the focus of regulators. Had Salesforce e.g. originated in the Finance or HCM domain these four capabilities would have been built a few years ago. As Salesforce is attracting more ISVs to its platform (see since a long time Financial Force and more recently e.g. Lumesse), these capabilities become more crucial. And as mentioned before, Salesforce customers were looking for some of these capabilities in the past, and had to implement, operate and maintain 3rdparty solutions to address these.

Comments on the News:

·       “While many companies are leveraging the cloud to build apps at the speed of business, those in regulated industries have struggled to take full advantage of the cloud due to regulatory and compliance constraints,” said Tod Nielsen, executive vice president of
Salesforce1 Platform, Salesforce. “With Salesforce Shield, we are liberating these IT
leaders and developers, and empowering them to quickly build the cloud apps their
businesses need, with the trust Salesforce is known for.”

MyPOV – Nielsen is correct that a more powerful platform makes for a more powerful developer, reducing time to go live. As mentioned before, the four capabilities are needed for best practice CRM operations, too – not just from a regulatory perspective. So a double benefit for Salesforce to add these.

·       "As a leading payments technology company serving millions of business owners around the globe, First Data adheres to rigorous federal and international compliance
standards,” said Steve Petrevski, senior vice president of Technology, First Data.
“Salesforce1 Platform allows us to incorporate compliance capabilities into our apps to
better serve the needs of our global client base.”

MyPOV – Firstdata is a powerful reference for the Salesforce1 Plantform and another one of the ISV mentioned before who need the four capabilities of Salesforce Shield. Not as optional ‘nice to have’ features, but as basic operation capabilities needed from version one of a product.

·       “Salesforce Shield is going to provide a significant contribution to our infrastructure as
we continue to enhance our systems and processes to support the growing demand for
our products and services,” said Paul Aldridge, chief information officer, Genomic
Health. “The new platform allows us to transition more of our business into the cloud
environment, utilizing Salesforce technology to continue delivering practice-changing information to deliver care for cancer patients around the world.” […]

MyPOV – After an ISV with First Data, now a key company in need of building next generation application capabilities with the Salesforce1 Platform to master genome processing with Genomic Health. Salesforce is never short of blue chip, marquee reference customers.   

Now Every Company Can Build Trusted Cloud Apps Fast

Every industry is in the midst of an app revolution, and companies are turning to cloud platforms to help them deliver high-quality apps quickly.  […]   But in their rapid
transformation into app companies, businesses also need to ensure they are complying with
internal governance policies and industry regulations. Until now, businesses often were required to develop or integrate compliance features on their own, compromising innovation and speed. 

MyPOV – Good to see Salesforce expand the use cases to all enterprises. And next generation applications should be benefiting from capabilities as such as Salesforce shield is providing.

Now, with Salesforce Shield, IT departments and developers are empowered with drag-and-
drop tools to quickly create trusted cloud apps with auditing, encryption, archiving, and
monitoring built in, all delivered on the proven Salesforce1 Platform. 

MyPOV – Good to see that Salesforce spent some thought on the ease of use of these capabilities, too. All too often administrative and regulatory functions don’t receive much user experience love, making them cumbersome and inefficient to use. We recently saw a demo of the soon to be released Shield capabilities and they are native to the Salesforce1 Platform, and exposed at the same level as the rest of the Salesforce1 Platform capabilities.

Salesforce Salesforce1 Shield
How Salesforce Shield fits in the overall Salesforce Platform
Salesforce Shield includes:
  • Platform Encryption: Previously, companies would need to spend three to six monthsbuilding out hardware and software to implement encryption. Now, because Platform Encryption is native to the Salesforce1 Platform, customers can easily designate sensitive data to be encrypted while preserving important business functionality like search and workflow. For example, a health insurance company can manage designated personally identifiable information (PII) and protected health information (PHI             ), without compromising the ability of customer service agents to search, view, modify, or run workflows and other key functions using that data. Agents can now search claims, determine coverage eligibility, and approve payments with enhanced security while delivering great customer service.
MyPOV – A key capability for any modern platform, good to see Salesforce making encryption available for Salesforce. And good to see it can be selective, as brute force encryption creates another set of problems (organizationally, administration and performance wise).  

  • Data Archive: The explosion of data creation is forcing companies to think differently about storage options. Instead of storing large amounts of historical data that does not need to be accessed regularly in Salesforce or moving data to another location, companies can now keep their data in “nearline storage,” an option that provides fast access at reduced cost, on the Salesforce1 Platform. Using Data Archive, customers can store long-lived business data in the Salesforce1 Platform, while still benefiting from maximum app performance and data availability. For example, hospitals are required to store patient data for decades, but they can transfer that patient data into nearline storage and access it via simple queries when necessary. 
MyPOV – Advanced archiving and storage options are key for next generation applications, as the nature of these applications often deals with BigData volume or pushes into new applications that require different data handling (the sensitive storage of patient data is an example). Or next generation applications explore new use case scenarios, e.g. a patient relationship management system needs to bring together transactional information (from e.g. the Salesforce1 Platform) and large video data (stored locally).

  • Field Audit Trail: Businesses desire certainty that their data is accurate, complete and reliable, enabling them to meet stringent industry regulations. With Field Audit Trail, customers can track changes at the field level for up to ten years and set different  policies for each Salesforce object to ensure data is purged when no longer needed. Life sciences companies running clinical trials in Salesforce, for example, can now maintain a complete audit trail of patient data so they can safeguard the integrity of clinical trial results and comply with FDA regulations.
MyPOV – Audit trail has been a staple for enterprise applications since their very beginning of the mainframe. Ironically the state of field audit trail has only worsened since, as newer platforms were late or even never introduced the capability. So it’s good to see Salesforce adding audit trail capability at field level. Something that even benefits classic CRM scenarios (remember - ‘who has changed that forecast?’). The capability is easy to enable inside the Salesforce1 Platform.

  • Event Monitoring: Event Monitoring gives businesses unprecedented visibility into how their applications are being used and by whom. IT organizations can use Event Monitoring to see which users are logging into Salesforce, what information they are accessing, from where, and through what channel. Not only can companies now better understand how their Salesforce apps are being utilized, they can also monitor if users download large amounts of data that might put their business at risk. For example, wealth management firms can use Event Monitoring to determine whether financial advisors are capturing the right client data in Salesforce. In addition, they can also determine if an employee is unnecessarily downloading sensitive customer information, pinpointing the exact time and location of that event. 
MyPOV – Event monitoring is crucial for modern software. With more users coming from outside of the enterprise – consumers, customers, partners, freelancers and contractors and more, it is important to keep tabs on what is happening in an application user wise. But the same is valid for 3rdparty systems or events, something that Salesforce is not yet offering in this version. So a generic event monitoring capability will be something key for Salesforce to deliver in the (hopefully) not too distant future.

Turning on Salesforce Shield is easy – here it is a simple check box for File and Field 
Extending to all Native Salesforce1 Apps

Salesforce Shield also extends to the entire Salesforce partner ecosystem. Because it is part of the Salesforce1 Platform, now any app built natively on the platform can tap into its capabilities.
Salesforce Shield empowers independent software vendors (ISVs) and systems integrators
(SIs) alike to create an entirely new generation of apps that address corporate governance and industry requirements, and market and sell them on the Salesforce AppExchange, the world’s largest business app marketplace.

MyPOV – Very good move by Salesforce to tap into the ecosystem and bringing these capabilities to its ISV partners. With that move, Salesforce should see good and early adoption of the Salesforce Shield capabilities. On the flipside, partners that needed some of these capabilities have 3rd party solutions in place now that they need to extract first technically and then switch commercially. And these 3rd party vendors will not stand still, the ball is in their court now to respond to the threat that Salesforce Shield poses to their business.

Leading Global Companies Build Apps Faster with the Salesforce1 Platform

With the Salesforce1 Platform, companies can transform IT departments into centers of
Innovation and leapfrog the competition. Powered by the world’s #1 PaaS, leading brands like First Data and Genomic Health are building apps faster than ever before. With more than four million apps and two million developers, the Salesforce1 Platform is the trusted and proven platform for innovative companies around the world. The more than 4,100 customers that participated in a survey commissioned by Salesforce reported 52 percent faster application deployment, 50 percent faster new application design, 52 percent faster application configuration and 42 percent decrease in IT cost using the Salesforce1 Platform.

MyPOV – And fair enough to point to the large number of enterprise customers who have built their own applications on the Salesforce platform. They sure will be delighted to see the new Salesforce Shield capabilities. We expect enterprises to try Salesforce Shield features first for new applications, learn and then gradually retrofit existing applications (and replace 3rd party solutions in operation right now).

Pricing and Availability

  • Salesforce Shield will be priced at a percentage of a customer’s total Salesforce product spend. Customers can purchase components of Salesforce Shield together or individually.
  • Field Audit Trail, Event Monitoring, and Platform Encryption are generally available today; Data Archive is expected to be generally available next year.
MyPOV – Good move to make Salesforce Shield a percentage sale of the existing license, which makes pricing easy. Salesforce will have to hit the right price / value point to see good adoption for Salesforce Shield. And often Salesforce is all about announcements, so kudos that 3 out of 4 Salesforce Shield capabilities are generally available now.


Overall MyPOV

Good to see the rise of more powerful and functional rich PaaS platforms. Administrative, regulatory and compliance automation needs have traditionally been not supported, an afterthought or something left to 3rdparty vendors. So it is good to see that Salesforce is adding these capabilities, natively in the Salesforce1 Platform. It is also a smart move to add these and try to monetize them as they are added. We expect some of them to become commodities and basic platform features in the future, so Salesforce will need to make sure that pricing is competitive and that it keeps looking at the price / value relationship.

Little concern with the offering, the question really is what took Salesforce so long to offer these, or the surprise is that Salesforce has been able to grow and thrive as well as it has, not having these capabilities. As with every platform rollout the capabilities will be available gradually to Salesforce products and it will be good for Salesforce to offer a roadmap when Salesforce Shield will be available across all Salesforce products.

Overall a good move by Salesforce and it is good to see similar administrative features like the ones described in this initial release of Salesforce Shield becoming part of key PaaS capabilities. There can be little question that a PaaS level uptake is advantageous to the adoption of these administrative and compliance capabilities.