Salesforce Marketing Cloud and Data Residency Concerns

In a recently published article by Forbes titled "Maintaining Data Residency Requirements During A Complex Data Migration," it is highlighted that over 130 countries have enacted legislation with the intention of safeguarding data and privacy, and additional countries are actively developing similar legal frameworks. This prompts an inquiry into the strategies that organizations can employ to effectively safeguard and utilize sensitive data while simultaneously harnessing the benefits provided by cloud computing.

Salesforce Marketing Cloud has become one of the most recognizable names in Customer Relationship Management and digital marketing automation. Paired with its strong analytics software, Salesforce Marketing Cloud is a powerful tool that is trusted by thousands of organizations to help manage their digital marketing. In Canada, some provinces, industries, and organizations have strict regulations and contractual obligations about where data can be seen. These borders may be federal, provincial, or more specific depending on the organization. Regardless of how they are defined, these borders create a barrier for organizations that want to use the Salesforce Marketing Cloud platform but cannot allow data to be seen in the USA.

Additionally, the Personal Information Protection and Electronic Documents Act (PIPEDA – a Canadian federal law) also creates a barrier between Canadians and Salesforce Marketing Cloud. PIPEDA outlines how organizations must use, collect and disclose the personal information of their consumers. While this act doesn’t explicitly restrict organizations from storing data outside of Canada, it does hold businesses responsible for how data is collected, processed, or transmitted. This can put an organization at risk if its consumer's data is stored in a country with different or more lenient data security regulations.

With all of these barriers in place, using Salesforce Marketing Cloud becomes a complex issue for non-American organizations hoping to use the platform. DataStealth provides a solution.

The Solution:

DataStealth is a revolutionary cybersecurity solution that addresses the concerns of data residency. By enacting a customizable data protection policy and transforming sensitive information before it leaves an organization’s IT environment, DataStealth eliminates the risk of storing data outside of one’s borders by eliminating the need to use real data itself. With DataStealth in place, non-American organizations can confidently use Salesforce Marketing Cloud without transmitting real data and while complying with their data residency obligations.

How does it work?

When using Salesforce Marketing Cloud, many features require organizations to disclose consumer’s personally identifiable information to function properly (ie. email campaigns would require consumers’ email addresses and first and last names). When providing this information, DataStealth sits in the line of traffic between the organization and Salesforce Marketing Cloud and analyzes what information is being sent. DataStealth then tokenizes any sensitive information before it leaves the border. The tokenized data looks, acts, and feels like real data, and is used seamlessly by Salesforce Marketing Cloud to execute campaigns. When emails are sent to consumers, the data hits DataStealth upon re-entering the border, and the tokenized data is transformed back into its original form. It is then sent to the consumer’s inbox, in the proper format and with the correct information in place. This process is transparent to both users and consumers and has no impact on Salesforce Marketing Cloud's features or functionality.