Salesforce Acronyms for General Data Management and Security

Here is a helpful glossary of Salesforce acronyms for General Data Management and Security you will hear.

Thank you for reading this post, don't forget to subscribe!

Acronym	Meaning	Defintion
2FA	Two-factor Authentication	Also an extra layer of security that proves a user trying to login to Salesforce is who they say they are. You will have seen this in action when creating/updating your password, and selecting a question (eg. “City you were born”) and a memorable answer. Note: 2FA has now been broadly replaced by MFA.
CASL	Canada Anti-Spam Law	An anti-spam law that applies to all electronic messages (i.e. email, texts) organizations send in connection with a “commercial activity.” Its key feature requires Canadian and global organizations that send commercial electronic messages (CEMs) within, from or to Canada to receive consent from recipients before sending messages.
CCPA	California Consumer Privacy Act	Similar to GDPR, CCPA applies to businesses that collect or use personal information of California residents (even if the business is not in California).
CORS	Cross-Origin Resource Sharing	“Allows web browsers to request resources from other origins. For example, using CORS, the JavaScript for a web application at https://www.example.com can request a resource from https://www.salesforce.com.” (source).
CSP	Content Security Policy	The Lightning Component framework uses CSP to impose restrictions on content. The main objective is to help prevent cross-site scripting and other code injection attacks.
GDPR	General Data Protection Regulation	A legal framework that sets guidelines for the collection and processing of personal information from individuals who live in the European Union (EU).
HIPAA	Health Insurance Portability and Accountability Act	Ensures that individual health-care plans are accessible, portable and renewable, and it sets the standards and the methods for how medical data is shared across the U.S. health system in order to prevent fraud.
HMS	Hardware Security Module	“Used to provide cryptography processing and key management for authentication. Shield Platform Encryption uses HSMs to generate and store secret material, and run the function that derives data encryption keys used by the encryption service to encrypt and decrypt data.” (source).
KMS	Shield Key Management Service	“Shield Platform Encryption uses data encryption keys to encrypt and decrypt data. Data encryption keys are derived on the Shield Key Management Service (KMS) using keying material split between a per-release master secret and an org-specific tenant secret stored encrypted in the database.” (source).
MFA	Multi-factor Authentication	An extra layer of security that proves a user trying to login to Salesforce is who they say they are. MFA combines something you know (ie. password) with something you own (ie. mobile phone). There are Salesforce approved MFA methods (Salesforce Authenticator app, built-in authenticators, security keys). MFA was formerly two-factor authentication or 2FA.
PII	Personally Identifiable Information	Any data that can be used to identify a specific individual: social security numbers, mailing or email address, and phone numbers have most commonly been considered PII For auditing purposes, in Salesforce, Admins can indicate that a field contains PII in the field definition in Salesforce Setup.
SCV	Single Customer View	The concept of collating every data point and interaction that an individual (customer, prospect, or partner) has with an organization, accessible from one record. Also referred to as a “360-degree View”, Salesforce launched the “Customer 360” messaging to communicate that the tightly connected Salesforce platform can enable organizations to achieve this rich profile of each individual.
SSL	Secure Sockets Layer	“Salesforce certificates and key pairs are used for signatures that verify a request is coming from your organization. They are used for authenticated SSL communications with an external web site, or when using your organization as an Identity Provider.” (source).
SSO	Single Sign-on	Sign in to one system, and then be automatically signed into all the rest of the applications you need. Fewer passwords, fewer headaches, less tedium and it should enable you to get on with what you actually intended to do, rather than get bogged with admin stuff such as hunting around for where you put your password hint.