To secure data-in-transit, Salesforce provides robust security measures to protect data both over the public internet and within the Salesforce trust boundary. Data-in-transit over the public internet is secured using TLS1.2 or higher connections, providing a strong layer of encryption for data traveling across public networks. Within the Salesforce trust boundary, data-in-transit benefits from an even higher level of security through the adoption of mutual TLS (mTLS) connections by implementing the Service Mesh architecture.
Infrastructure as Code (IaC)
This principle advocates for the use of code and scripting languages to automate the provisioning, configuration, and management of infrastructure resources. IaC treats infrastructure as if it were software, allowing these tasks to be defined and managed through code instead of manually setting up servers, networks, and other components. The deployment of workloads into the production environment and their configuration are completely automated using CI/CD pipelines, which eliminates the need for manual intervention.
Immutable deployments
This software deployment strategy ensures that the application and america phone number list its associated infrastructure are treated as immutable entities that never change once deployed. Instead of updating or modifying existing components, the strategy involves creating new instances of the application and infrastructure with each update or change. Adopting this strategy defends against any configuration drifts, privilege escalations, and unauthorized lateral movements within the production environment.
Just-in-Time access (JIT)
This security practice enables granting users, processes, applications, and systems an appropriate level of access for a limited amount of time, as needed to complete necessary tasks. Access is granted on a “need-to-know” basis and is strictly limited to only the necessary resources for a specific task or function. This time-bound, least-privilege-based access helps reduce the risk of unauthorized access to sensitive data.
Elasticity
The elasticity offered by the public cloud empowers to dynamically access compute capacity based on specific needs, enabling unparalleled flexibility and efficiency. With Hyperforce, resource deployment in the public cloud becomes a seamless and rapid process, further enhancing the benefits of elasticity. Moreover, by harnessing cutting-edge technologies such as Docker containers orchestrated by Kubernetes, the level of elasticity reaches new heights, delivering an exceptional and uninterrupted experience to our valued customers.