Data security was always a concern for web-based applications and now even more so for cloud-based environments where data is stored on shared resources. Join us for a look into the spectrum of security options through point-and-click development with a deep dive into best practices around creating secure applications from threats like SOQL Injection with tools like Security Health Check. This is the perfect talk for anyone working on the 201 or 401 certifications or anyone working to develop more secure systems.

Bring your laptops and join us for a combination of knowledge sharing and hands on training!

The Topics will include:

Is Force.com cloud computing platform secure, private, and trustworthy?

•  Security, Privacy, and Trust Enterprise Cloud Computing With Force.Com

•  Cloud Computing and Information Security Governance

•  Force.Com Cloud Platform Security

•  Force.Com Cloud Application Security

•  Force.Com Cloud Platform Privacy

Securing and Sharing Data

Data Access Concepts

Object Level Security – bluntly control access to data at the table level

Field Level Security - control access to data at the field level within profiles and permission sets

Record Level Security - control access to data at the record level.

•  Organization-wide defaults (OWD) specify the baseline level of access

•  Role hierarchies allow a manager access to subordinate’s records

•  Sharing rules allow automatic exceptions to organization-wide defaults for particular groups of users.

Profiles and Permission sets

Data Integrity

SOQL Injection

Recently discovered "Poodle Attack"