function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
methymmethym 

Details on how database.com data residency option (DRO) will work

Anyone have any of the details on how database.com data residency option (DRO) will work? How does it get to your internal data? What are the limitations? Etc.?
mkeefemkeefe

I'm interested in this as well.

 

Matt
VB23VB23

Check out CipherCloud (ciphercloud.com). They basically do this for more than just Salesforce. Out of the box connectors include AWS, Box.net, etc.
chuckmortimorechuckmortimore

With DRO, customers can protect sensitive data locally and send unreadable versions of that data to Salesforce.   Data is either tokenized or encrypted before it arrives at the salesforce datacenter.  Keys to access that data remain under the customer’s control. When authorized users request the data from salesforce, DRO reverses the process and will present a readable version of the data to the user
TonnisthaTonnistha

Hi,

 

Anybody is having any working experience in DRO? Any idea how the architecture works beyond companies firewalls?

Please drop me a note in case of any knowledge.

 

 

Thanks,

T.Sarkar

 
eric_leacheric_leach

DRO proxies requests and responses made to/from salesforce. The proxying capability works for both web and API requests. The proxying capability may be deployed on a customer's network or by a 3rd party cloud service provider.

 

HTTP requests are parsed into something called an Intermediate Content Tree, which essentially takes the HTTP IDs of the data fields and converts them into XML and evaluates the ICT against policies which determine which fields need to be protected, whether they should be encrypted or tokenized, and which algorithm to use. Depending on the algorithm used by the encryption engine associated with the policy, you can preserve functionality of the application (things like search, sort, reports, etc.). 

 

The important bit here is that you control the policies and the keys that protect the data. It's also important to note that you can protect some data using the core security capabilities of the salesforce platform or Apex crytpo libraries.
sfarissfaris

Hi Eric,

 

Thanks, this information is awesome.  Do you know where we can get more information on DRO?  I don't think it's GA yet so very little is available online other than this:

 

http://docs.database.com/dbcom/en-us/db_help/dro_initial_setup.htm?version=180.0

 

Thanks.