QUESTION:
How are encrypted fields handled by DemandTools?
ANSWER:
- Matching on encrypted fields:
- Users that have the "View Encrypted Data" permission on their Salesforce profile will be able to use an encrypted field in their matching.
- Depending on the mask chosen for the encrypted field, other users may be able to select the encrypted field for matching.
- DemandTools analyses the mask NOT the data behind the mask, if the enitre field is masked, every record with this field populated with the same number of characters will be returned as a match .
- Using Encrypted Fields in a Where Clause:
- Encrypted fields CANNOT be used in where clauses, i.e. cannot be filtered on, regardless of having "View Encrypted Data" permission.
- Note: This is NOT unique to DemandTools, you will have the same problem attempting to filter on encrypted fields in the Salesforce Data Loader and elsewhere.
- Encrypted fields CANNOT be used in where clauses, i.e. cannot be filtered on, regardless of having "View Encrypted Data" permission.
- Updating a Field with Data from an Encrypted Field:
- ONLY users with "View Encrypted Data" should attempt to update a field with data directly from an encrypted field (i.e. MassImpact "Update Value" using the "Field Tab"), otherwise the mask characters will be populated in the field being updated vs. the actual data.
Note: User may also want to review the following article: Are Validity Tools compatible with Shield Platform Encryption?
***Below is information on encrypted field use for clients also using PeopleImport and DupeBlocker***
Matching on encrypted fields:
- PeopleImport
- ONLY users that have the "View Encrypted Data" permission on their Salesforce profile will be able to use an encrypted field in their matching.
- DupeBlocker
- DupeBlocker can match on fields that are encrypted.
- The duplicate key that is created has the actual data in it vs. the encrypted data.
- The key field in DupeBlocker Potential Duplicate records will show the data, and it will not be encrypted in the key.
- Since the key is a required field on the DupeBlocker Potential Duplicate object there is no way to control the value entered into the key field.
- The Duplicate Key field can be hidden using field level security.
Using Encrypted Fields in a Where Clause:
- PeopleImport
- Encrypted fields CANNOT be used in where clauses, i.e. cannot be filtered on, regardless of having "View Encrypted Data" permission.
- Note: This is NOT unique to PeopleImport, you will have the same problem attempting to filter on encrypted fields in the Salesforce Data Loader and elsewhere.
- Encrypted fields CANNOT be used in where clauses, i.e. cannot be filtered on, regardless of having "View Encrypted Data" permission.