Encryption for Wave (Beta)

Add yet another layer of security and protection to your Wave analytics data by extending the Shield Platform Encryption capabilities to Wave data at rest. This change applies to Lightning Experience, Salesforce Classic, and all versions of the Salesforce1 mobile app.

The Wave Encryption at Rest services are built natively into the Wave platform. The solution applies strong, probabilistic encryption on data stored at rest. Platform encryption is based on the Advanced Encryption Standard (AES) with 256-bit keys using CTR mode and an initialization vector (IV) for every write. All operations, including sort and group-by, work the same as without encryption, except for key management.

The data you add to the database is encrypted on the Salesforce service, but archived data is not encrypted.



This release contains a beta version of encryption support for Wave analytics that is production quality but has known limitations. Contact Salesforce to activate it.