Laserfiche WebLink
SOLICITATION # CH16012 <br />respective uses of the Salesforce services. Salesforce believes that these provide its customers the <br />flexibility to comply with laws with stringent privacy and security requirements. <br />Data In Motion <br />All transmissions between the user and the Salesforce Services are TLS encrypted with a 2048-bit <br />Public Key. The Services use International/Global Step Up TLS certificates, with AES 256-bit <br />encryption by default. <br />Data At Rest <br />Salesforce includes a feature to encrypt custom text fields (ECF): <br />The fields can be masked appropriately for specific data types (i.e., credit card number, Social <br />Security Number, National Insurance Number, Social Insurance Number). <br />Access to read the masked parts of the fields is limited by the ""View Encrypted Data permission, <br />which is not enabled by default. <br />Customers can manage their encryption key based on their organization's security needs and <br />regulatory requirements. <br />Encrypted fields are encrypted with 128-bit keys and use the AES (Advanced Encryption Standard) <br />algorithm. <br />Additional Salesforce Encryption Capabilities <br />Apex Code extends the powerful and proven success of the Force.com platform by introducing the <br />ability to write code that runs on Salesforce servers. This language makes possible the development <br />of a new class of application and features deployed entirely on demand. Using Apex, your Agency <br />can create user interface classes that utilize the Apex crypto class to encrypt field level data up to <br />AES 256-bit encryption. <br />Third Party Encryption Solutions (Additional License Option) <br />Should additional encryption be required, third party solutions such as CipherCloud, Skyhigh, and <br />PerspecSys are available on the Salesforce AppExchange. These solutions offer data loss <br />prevention, user activity and monitoring, malware protection, as well as data protection with <br />encryption and tokenization. Data can be encrypted and masked at rest, keys managed and stored in <br />Salesforce, and compliance controls to prevent unauthorized access to data and keys. <br />ServiceNow ServiceNow makes use of encryption for both data in transit and data at rest. ServiceNow provides <br />optional capabilities with regard to the encryption of data at rest within the system, which customers <br />can apply at their own discretion. <br />Encryption in Transit <br />ServiceNow customers access their instances over the Internet using forced Transport Layer Security <br />(TLS) encryption (AES128/256) for all user access. The level of encryption is based on the browser <br />and must be configured by the customer as ServiceNow does not modify any browser settings. All <br />attempts to access ServiceNow over HTTP are redirected to HTTPS. <br />Integration Encryption <br />For integrations such as LDAP and Web Services, ServiceNow provides customers <br />with the ability to encrypt traffic. LDAP can be configured to run over SSL, this requires customers to <br />provide a certificate for the specific LDAP server. Certificates may also be stored within an instance <br />to allow encrypted transmission for Web Services integrations. FTPS and SCP can be used as file <br />transfer methods to securely transfer files to ServiceNow. <br />Email Encryption <br />Customers may configure their instance to generate emails to their users from the instance. <br />ServiceNow provides the capability to receive email over TLS. Customers are able to configure their <br />carahsoft 122 carahsoft <br />