Here is a helpful glossary of Salesforce acronyms for General Data Management and Security you will hear.
Acronym | Meaning | Defintion |
2FA | Two-factor Authentication | Also an extra layer of security that proves a user trying to login to Salesforce is who they say they are. You will have seen this in action when creating/updating your password, and selecting a question (eg. “City you were born”) and a memorable answer. Note: 2FA has now been broadly replaced by MFA. |
CASL | Canada Anti-Spam Law | An anti-spam law that applies to all electronic messages (i.e. email, texts) organizations send in connection with a “commercial activity.” Its key feature requires Canadian and global organizations that send commercial electronic messages (CEMs) within, from or to Canada to receive consent from recipients before sending messages. |
CCPA | California Consumer Privacy Act | Similar to GDPR, CCPA applies to businesses that collect or use personal information of California residents (even if the business is not in California). |
CORS | Cross-Origin Resource Sharing | “Allows web browsers to request resources from other origins. For example, using CORS, the JavaScript for a web application at https://www.example.com can request a resource from https://www.salesforce.com.” (source). |
CSP | Content Security Policy | The Lightning Component framework uses CSP to impose restrictions on content. The main objective is to help prevent cross-site scripting and other code injection attacks. |
GDPR | General Data Protection Regulation | A legal framework that sets guidelines for the collection and processing of personal information from individuals who live in the European Union (EU). |
HIPAA | Health Insurance Portability and Accountability Act | Ensures that individual health-care plans are accessible, portable and renewable, and it sets the standards and the methods for how medical data is shared across the U.S. health system in order to prevent fraud. |
HMS | Hardware Security Module | “Used to provide cryptography processing and key management for authentication. Shield Platform Encryption uses HSMs to generate and store secret material, and run the function that derives data encryption keys used by the encryption service to encrypt and decrypt data.” (source). |
KMS | Shield Key Management Service | “Shield Platform Encryption uses data encryption keys to encrypt and decrypt data. Data encryption keys are derived on the Shield Key Management Service (KMS) using keying material split between a per-release master secret and an org-specific tenant secret stored encrypted in the database.” (source). |
MFA | Multi-factor Authentication | An extra layer of security that proves a user trying to login to Salesforce is who they say they are. MFA combines something you know (ie. password) with something you own (ie. mobile phone). There are Salesforce approved MFA methods (Salesforce Authenticator app, built-in authenticators, security keys). MFA was formerly two-factor authentication or 2FA. |
PII | Personally Identifiable Information | Any data that can be used to identify a specific individual: social security numbers, mailing or email address, and phone numbers have most commonly been considered PII For auditing purposes, in Salesforce, Admins can indicate that a field contains PII in the field definition in Salesforce Setup. |
SCV | Single Customer View | The concept of collating every data point and interaction that an individual (customer, prospect, or partner) has with an organization, accessible from one record. Also referred to as a “360-degree View”, Salesforce launched the “Customer 360” messaging to communicate that the tightly connected Salesforce platform can enable organizations to achieve this rich profile of each individual. |
SSL | Secure Sockets Layer | “Salesforce certificates and key pairs are used for signatures that verify a request is coming from your organization. They are used for authenticated SSL communications with an external web site, or when using your organization as an Identity Provider.” (source). |
SSO | Single Sign-on | Sign in to one system, and then be automatically signed into all the rest of the applications you need. Fewer passwords, fewer headaches, less tedium and it should enable you to get on with what you actually intended to do, rather than get bogged with admin stuff such as hunting around for where you put your password hint. |