Security

You will be challenged to:

  • Identify different options to secure data in Marketing Cloud
  • Describe security best practices in Marketing Cloud

Key Management

  • What is it
    • Provides a method you can use to manage AES encryption and decryption options for your email messages and landing pages.
    • Use this feature to manage certificates and other security options regarding the encryption, decryption, and digital signing of email messages.
  • Asymmectric Encryption
    • Asymmetric encryption requires a pre-created certificate uploaded from your computer to your Salesforce Marketing Cloud account, which can be used for encrypted imports.
  • Symmetric Encryption
    • Symmetric encryption requires you to create a passphrase for use with the key.
  • Initialization Vector Encryption
    • Initialization vector encryption requires you to enter the block of bits to be used as the initialization vector. You can specify the 16-byte IV yourself.
  • Salt Encryption
    • Salt encryption requires a hex value longer than 8 bits for use as a salt value. The encryption uses random bits generated along with a password or passphrase. The salt value does not include a maximum length value. Use Salt keys to generate JWTs for custom Journey Builder activities.
  • SAML (Security Assertion Markup Language)
    • Allows you to provide either the required metadata or the URL from which to retrieve that metadata to use this feature. SAML allows you to exchange authentication information with an external authentication service to enable single sign-on functionality for users. This feature allows users to authenticate once for access to multiple systems.

SSL Certificate

  • SSL certificates keep online interactions private even though they travel across the public Internet, and they help customers gain the confidence to transact with your website.
  • 1 SSL will be used to secure 1 domain. 4 SSLs will be needed to secure clicks, views, images, and CloudPage domains

Encryption

Marketing Cloud Connector

  • Synchronized Data Sources
    • Data Encrypted in Sales and Service Cloud
    • MC re-encrypts data using field-level encryption symmetric key upon import
  • Reports and campaign sends
    • Support platform encryption
    • Both are encrypted in MC with field level encryption

Automation

  • Journey Builder Events
    • Does not support platform encryption through events
    • To maintain encryption: use field-level encryption with sychronized data extensions, instead of data imports
  • Automation Studio Imports
    • Does not support platform encryption
      • Data imported is not encrypted, even data from Sales and Service Cloud
    • To maintain encryption
      • Synchronize encrypted Salesforce opbjects with Synchronized Data Sources

Decrypt file on import

Encode functions Email and Cloudpages

Levels of Encryption

Transparent Data Encryption (Encryption At Rest)

  • Encryption at rest at the database level
  • No impact on application usage
  • Minimal performance overhead
  • Keys stored in FIPS Level 3 complient HSMs
  • No application layer encryption
  • Protects when physical access to media is compromised

Field Level Encryption (Encrypted Data Sending)

  • Encryption at rest at the field level (encrypted fields are visible but encrypted)
  • Requires key value and initialization vector when using encryption keys
  • Applies at the account level for new accounts
  • Implies limits on use of data within application to send-time only (decrypts at send)
  • Protects sensitive data within application
  • Can only be implemented on new instances
  • Cannot segment, filter, or query encrypted fields
  • Must use data extensions
  • Cannot report on encrytped fields
  • Cannot use auto-suppression lists
  • Must use subscriber keys for each contact/subscribers (should not encrypt sub keys)
  • Cannot encrypt data extensions through Email Studio (must use Contact Builder)
  • Only email and text data types can be encrypted
  • Only email channel is supported
  • Performance impact during encryption/decryption process (mostly for larger volumes)
  • Keys stored in dedicated application database key store
  • Key Management
    • Keys must be setup prior to encrypting data
    • Keys should ideally be rotated on a periodic basis
    • Following Key types supported
      • Salt
      • Symmetric
      • Asymmetric
    • Encryption Schemas supported (in sFTP)
      • PGP
      • GPG

Tokenized Sending

  • Off platform data storage (send data is not stored in SFMC)
  • API access at send time using token
  • Implies limits on use of data within application to send-time only (retrieves at send)
  • Safe to use with PII and PHI (personal health information)

Security Best Practices

  • Principle of Least Privilege
    • Every user, process or program must be able to access only the information and resources that are required for a legitimate purpose. Only bring in the data we need to achieve the outcomes.
      • Segmentation
      • Personalization
      • Data Modeling
  • Session Settings:
    • 20-minute Session Timeout (longer sessions for active users might be more practical)
    • Enable require Secure Connections (https) checkbox
  • Username and Logins:
    • Login Expires After Inactivity of 90 days or fewer
    • Value of 3 Invalid Logins Before Lockout
    • Usernames require at least 8 characters
  • Password Policies:
    • Set Minimum Password Length to at least 8 characters
    • Enforce Password History value to 8
    • User Password Expires in 90 days
    • Do not select Exclude FTP Users from Password Expiration
    • Always enable Send Password Change Confirmation Email
  • Roles and Permissions
    • "Deny" permission in any role or individual user prevents access to that feature, no matter what other roles are specific to that feature.
  • Data Export Settings:
    • Enforce Export Email Whitelist
  • API Integration Security
  • File Transfer Security