Ensure GDPR compliance with Salesforce backup best practices
The General Data Protection Regulation (GDPR) is the European Union’s set of rules on data privacy and one of the most stringent in the world, applicable to any company that stores data of EU residents.
Get GDPR wrong, and your company could be facing a fine running into the billions, as Meta found when it had to pay $1.3bn in 2023 for transferring personal data of Facebook users to servers in the US.
In this blog we’ll look at some of the requirements for GDPR compliance, best practices to ensure your backups also comply with them, and how Gearset can take the stress out of GDPR.
What’s covered by GDPR?
There are 99 articles in the GDPR outlining the regulations that companies need to comply with if they’re holding data of EU citizens. Here are some of the key articles to be aware of:
- Data minimization and storage limitation — Article 5 states that businesses should limit the collection of personal information to only what is relevant and necessary, and only store the data for as long as it’s needed. A data protection impact assessment could be carried out to identify and minimize data protection risks.
- Right to erasure — Article 17 gives customers the ‘right to be forgotten’, by requesting that their data is deleted within a reasonable timeframe, stopping further distribution of their data.
- Data encryption and security — Article 32 requires data controllers and data processors to implement appropriate measures to secure data, including platform encryption of personal data, and these processes should be regularly evaluated to ensure effectiveness in case of a data breach.
- Data availability — Article 32 also states that the availability of personal data should be restored quickly if a physical or technical incident occurs.
Is data stored in Salesforce GDPR compliant?
Salesforce is committed to customer success and has taken steps to help their customers be GDPR compliant. The Salesforce data processing addendum (DPA) includes a strong framework on data transfer, to ensure data transferred to Salesforce data centers outside of the European Union is lawful and compliant with GDPR. Plus the architecture, auditing and certification of major Salesforce services is highly secure, with more information available in their Trust and Compliance documentation.
Salesforce also offers ‘Salesforce Shield’ which is a set of security tools (platform encryption, event monitoring and field audit trail) that help with compliance and governance — this is a paid add-on that comes with a high price tag.
Data backup best practices for GDPR compliance
The data availability requirements in Article 32 mean you’re at risk of breaching GDPR if Salesforce experiences a major outage — that’s why relying on Salesforce to ensure your company is complying with GDPR isn’t enough. Without backups in place, companies would struggle to restore the accessibility of personal data if a major Salesforce incident occurred.
Although backups are key to helping a company stay GDPR compliant, it can’t be forgotten that these backups are a compliance risk too. Here are some best practices to keep in mind while configuring and managing your Salesforce data backups, to make sure you’re complying with the GDPR.
1. Use third-party backup solutions
It’s a common misconception that Salesforce automatically backs up data — the shared responsibility model means Salesforce is responsible for the cloud services and infrastructure, but a company is responsible for making sure its org’s metadata and data are backed up.
While Salesforce provides backup as a paid add-on, those backups wouldn’t be accessible in the case of a major Salesforce outage, making it a good idea to keep backups separate with a third-party tool.
Some teams opt for an in-house or self-built backup solution. Keep in mind that it takes a lot of work, time and money to look after self-built backup solutions to ensure they’re safe and GDPR compliant. A third-party backup solution can take this stress away.
2. Ensure records can be deleted easily
The right to erasure can be particularly difficult when it comes to backups. Supervisory authorities understand that it usually takes a lot of time and effort for companies to search through the mountains of backups for a specific customer’s data, and that it’s sometimes not feasible for companies to do so. But the guidelines for these situations are unclear. For example, France’s GDPR supervisory authority requires companies to provide proof that it isn’t possible to search through individual backups, and the company must outline how long the data backups will be kept. Meanwhile, the Danish GDPR supervisory authority says data must be deleted from a backup when it’s technically possible without specifying exactly what this means.
It’s safer to have an easy-to-use system to be able to search through backups and delete records rapidly, rather than having to provide evidence that deletion isn’t possible and being stuck in a legal gray area.
3. Limit and regularly review access to your Salesforce data backups
Even within a business, it’s important to make sure no one has access to personal data unless it’s absolutely necessary — the more people have access to data, the greater the level of risk. Setting up strict access limitations for Salesforce backups, and regularly reviewing permissions, helps minimize the possibility of data being accessible to the wrong people.
Depending on the backup solution in place, it can be a cumbersome process to check exactly who is able to view, edit, or even delete backups. Ideally, a backup solution should give easy visibility of all the permissions associated with a backup job, as well as showing the level of access each user has.
4. Continually delete old backup runs
Although the GDPR doesn’t have a specific data retention policy dictating how long a company should or can keep personal data, the data minimization requirements mean data can’t be kept any longer than is necessary. So companies must justify the period of time they keep data not only in their orgs but in backups too.
Deleting old backup runs on an ongoing basis helps ensure that you don’t accidentally keep data longer than is necessary. To make the process more efficient and less time-consuming, find a solution that will automatically delete backup runs after a specified period of time.
Make GDPR compliance simple with Gearset backup
If you’re storing the data of EU citizens then backups are vital for GDPR compliance — but it can be overwhelming working out where to start. Here are some of the ways that Gearset’s backup solution takes the stress out of GDPR compliance:
1. Easily delete records from your backup history
Gearset allows you to easily delete records from all backup runs, by selecting Remove records from backup history.
You can delete up to 10,000 records from the entire history of your backup job in a matter of clicks, making the right to erasure quick and simple.
2. Configure access permissions
Configure custom backup access for members of your Gearset team, to make sure no one has unnecessary access to your customer data. If you want to review and change user access down the road, go to Edit job > Edit settings > Permissions to quickly view and edit permissions for your backup job.
3. Customized data retention policies
Make data minimization straightforward with customized retention policies. Select exactly how long you want your data backups to be stored and Gearset will automatically delete the data when the retention window is reached.
4. Rigorous security standards
Ensuring our users’ information is secure at all times is our top priority; we’re ISO 27001 certified, carry out regular penetration testing and maintain 24/7 intrusion detection. All backups are securely hosted on AWS servers, meaning your data is safe in the case of a Salesforce incident. And data is encrypted in transit and at rest – you can set up BYOK too.
Find out how Gearset can help you be GDPR compliant
Speak to our team to hear more about how Gearset can help you back up your data in a GDPR compliant way. Check out our backup ebook for more information on securely backing up your Salesforce data and restoring effectively.