Connection to the Salesforce environment is via SSL 3.0/TLS 1.0, using global step-up certificates from Verisign, ensuring that our users have a secure connection from their browsers to our service.
NETWORK PROTECTION
Perimeter firewalls and edge routers block unused protocols
Internal firewalls segregate traffic between the application and database tiers
Intrusion detection sensors throughout the internal network report events to a security event management system for logging, alerts, and reports
A third-party service provider continuously scans the network externally and alerts changes in baseline configuration
DISASTER RECOVERY
The Salesforce service performs real-time replication to disk at each data center, and near real-time data replication between the production data center and the disaster recovery center
Data are transmitted across encrypted links
Disaster recovery tests verify our projected recovery times and the integrity of the customer data
REGULAR BACKUPS
All data are backed up to tape at each data center, on a rotating schedule of incremental and full backups
The backups are cloned over secure links to a secure tape archive
Tapes are not transported offsite and are securely destroyed when retired