Salesforce DLP

Salesforce DLP

Detect & Redact PII or Sensitive Comments & Tickets - Salesforce DLP (Data Loss Prevention)

TL;DR: Strac's Solution for Salesforce DLP

  • Salesforce Service Cloud is the leading platform for organizations to handle customer service and support tickets are a major part of the product .
  • Customer support tickets often contain sensitive information that must be protected to comply with privacy laws and regulations.
  • Strac Salesforce DLP ( Data Loss Prevention) solution provides an automated way to detect and redact sensitive information in support tickets and attachments linked to them.
  • There is no way to manually redact sensitive information a customer support ticket initiated through email . Strac provides an automated way to do this.
  • See our video demo below to learn about how Strac Salesforce DLP and redaction works for email-to-case use-case
Sensitive Email Sent to Salesforce

The Challenge of Protecting Sensitive Data in Salesforce

Protecting sensitive information in Salesforce support tickets presents several challenges. Salesforce support tickets contain customer data and other sensitive information, and safeguarding this data is crucial to maintain data privacy, comply with regulations, and protect against potential security breaches. The following are some key challenges in this regard:

  1. Data Classification: Identifying and classifying sensitive information within support tickets is a fundamental challenge. Support tickets may contain various types of data, such as personally identifiable information (PII), financial details, login credentials, or confidential business information. Developing a robust data classification framework helps systematically identify and flag sensitive data for appropriate protection measures.
  2. Access Controls: Salesforce support tickets often involve multiple stakeholders, including support agents, administrators, and managers. Implementing fine-grained access controls is critical to ensure that only authorized personnel can access sensitive information within the tickets.
  3. Anonymization and Masking: To minimize the risk of exposing sensitive information inadvertently, it is essential to anonymize or mask certain data elements within support tickets. For example, PII like Social Security numbers or credit card details can be masked to protect customer privacy. Using a redaction solution helps mitigate the risk of unauthorized access or misuse of sensitive data.
  4. Third-Party Integrations: Many organizations utilize third-party applications or integrations with Salesforce for various support-related functions. It is crucial to assess the security measures these third-party providers implement to ensure that sensitive information is adequately protected throughout the support ticket lifecycle.
  5. Regulatory Compliance: Depending on the industry and geographical region, specific data protection and privacy regulations must be considered. For example, the General Data Protection Regulation (GDPR) in the European Union imposes strict requirements on the handling of personal data. Compliance with applicable regulations requires organizations to implement necessary controls and safeguards when dealing with sensitive information in Salesforce support tickets

How Strac Ensures Compliance and Protects Sensitive Data in Salesforce

Strac Salesforce DLP (Data Leak Prevention) software

  • It discovers (aka detects) sensitive messages & files from Salesforce Support tickets.
  • There is no way to edit information in a Support ticket initiated through email. Strac provides an automated way to detect and mask sensitive information on such tickets.
  • It masks (aka redacts or removes) sensitive messages and attachments from Salesforce Support tickets while allowing authorized users to view those messages/files in Strac UI Vault. With Strac's redaction experience sensitive PII or PHI data is blocked.
  • A business can configure a list of sensitive data elements (SSN, DoB, DL, Passport, CC#, Debit Card, API Keys, etc.) to redact. Compliance, Risk and Security officers will get audit reports of who accessed what messages.
  • Businesses can configure to get alerts - via email or slack
  • Business can configure SSO so that employees can authenticate themselves and access sensitive data if they are authorized to from Strac's Vault

To know more about sensitive data elements that are detected and masked by Strac visit :


Please contact for any questions