Data security was always a concern for web-based applications and now even more so for cloud-based environments where data is stored on shared resources. Join us for a look into the spectrum of security options through point-and-click development with a deep dive into best practices around creating secure applications from threats like SOQL Injection with tools like Security Health Check. This is the perfect talk for anyone working on the 201 or 401 certifications or anyone working to develop more secure systems. Bring your laptops and join us for a combination of knowledge sharing and hands on training! The Topics will include: Is Force.com cloud computing platform secure, private, and trustworthy? • Security, Privacy, and Trust Enterprise Cloud Computing With Force.Com • Cloud Computing and Information Security Governance • Force.Com Cloud Platform Security • Force.Com Cloud Application Security • Force.Com Cloud Platform Privacy Securing and Sharing Data Data Access Concepts Object Level Security – bluntly control access to data at the table level Field Level Security - control access to data at the field level within profiles and permission sets Record Level Security - control access to data at the record level. • Organization-wide defaults (OWD) specify the baseline level of access • Role hierarchies allow a manager access to subordinate’s records • Sharing rules allow automatic exceptions to organization-wide defaults for particular groups of users. Profiles and Permission sets Data Integrity SOQL Injection Recently discovered "Poodle Attack"
November 9 – 10, 2014
10:00 PM – 12:00 AM UTC