Salesforce Platform Encryption dislike vs like

Even though salesforce platform encryption is most powerful future it’s having certain limitation. I am going to walk through those limitations and possible solutions.

What fields are supported?

Salesforce Platform encryption support below data types on both standard and custom object Custom fields.

  • Email
  •  Phone
  • Text
  • Text Area
  •  Text Area (Long)
  •  URL
  •  Date
  •  Date/Time
  • Encrypted filed can’t use in custom formula fields
  • You can’t use Schema Builder to create an encrypted custom field.
  • Fields that have the Unique or External ID attributes or include these attributes on previously encrypted custom fields can’t be encrypted:
  • Fields that are used in custom formula fields
  • Fields that are used in an account contact relation
  • On a custom object, the standard Name field can’t be encrypted.

General features limitations? 

  • Criteria-based sharing rules
  • Similar opportunities searches
  • External lookup relationships
  • Skinny tables
  • Filter criteria for data management tools
  • Duplicate Management matching rules
  • These apps don’t support encrypted data. However, you can enable encryption for other apps when these apps are in use.  Connect Offline • Data.com • Heroku (but Heroku Connect does support encrypted data.) • Marketing Cloud (but Marketing Cloud Connect does support encrypted data.) • Pardot (but Pardot Connect supports encrypted contact email addresses if your Pardot org allows multiple prospects with the same email address.) • Process Builder • Salesforce Mobile Classic • Salesforce IQ • Social Customer Service • Steelbrick • Thunder • Visual Workflow • Wave

SOQL/SOSL 

Encrypted fields can’t be used with the following SOQL and SOSL clauses and functions

– Aggregate functions such as MAX(), MIN(), and COUNT_DISTINCT()

– WHERE clause

–  GROUP BY clause

–  ORDER BY clause

We can use below small hints to overcome those limitations.

Hint 1: – Aggregate Result 

 In order to calculate aggregate data on encrypted field use apex code.

Hint 2: – Use SOSL instead of SOQL where conditions 

List<Account> acc= [Select Id ,Name From Contact Where Text__c= ‘123’];

The above query will fail at runtime if this is dynamic SOQL  with invalid strings return an INVALID_FIELD error instead of the expected MALFORMED_QUERY.   However, the Query can be replaced with the following SOSL statement

List<List<SObject> > acc= [FIND ‘123’ IN ALL FIELDS Returning Account(Id, Name, Text__c]

Hint 3: – ORDER BY clause

Instead of using order by clause, you can use custom apex sorting.

Hint 4: – Formula fields. 

you can use Workflows and Apex triggers to calculate the data instead of formulas on encrypted fields.