+ Start a Discussion

Does platform encryption using Shield encrypt metadata?

Can someone point me to Salesforce articles which says about Shield encryption for metadata? 

Khan AnasKhan Anas (Salesforce Developers) 

Greetings to you!

Please refer to the below links which might help you further with the above requirement.



I hope it helps you.

Kindly let me know if it helps you and close your query by marking it as solved so that it can help others in the future. It will help to keep this community clean.

Thanks and Regards,
Khan Anas
Rufina ScottRufina Scott
Salesforce can run a background encryption process to traverse the database and file storage, decrypt existing encrypted data, and then re-encrypt the data using the new data encryption key.
Hrushi DasuHrushi Dasu
To the best of my knowledge Shield enables you to encrypt sensitive data at rest not metadata, however metadata is used for the below
When a Salesforce user saves encrypted data, the runtime engine determines from metadata whether to encrypt the field, file, or attachment before storing it in the database.

Leveraging Shield Platform Encryption’s HSM-based key derivation architecture, metadata, and configurations, Search Index Encryption runs when Shield Platform Encryption is in use. 

The core application determines if the search index segment should be encrypted or not based on metadata.

To restore a destroyed tenant secret, reimport it. The exported tenant secret is different from the tenant secret you uploaded. It’s
encrypted with a different key and has additional metadata embedded in it.

You can’t use Shield Platform Encryption with Custom Metadata Types.