Even though salesforce platform encryption is most powerful future it’s having certain limitation. I am going to walk through those limitations and possible solutions.
What fields are supported?
Salesforce Platform encryption support below data types on both standard and custom object Custom fields.
- Text Area
- Text Area (Long)
- Encrypted filed can’t use in custom formula fields
- You can’t use Schema Builder to create an encrypted custom field.
- Fields that have the Unique or External ID attributes or include these attributes on previously encrypted custom fields can’t be encrypted:
- Fields that are used in custom formula fields
- Fields that are used in an account contact relation
- On a custom object, the standard Name field can’t be encrypted.
General features limitations?
- Criteria-based sharing rules
- Similar opportunities searches
- External lookup relationships
- Skinny tables
- Filter criteria for data management tools
- Duplicate Management matching rules
- These apps don’t support encrypted data. However, you can enable encryption for other apps when these apps are in use. Connect Offline • Data.com • Heroku (but Heroku Connect does support encrypted data.) • Marketing Cloud (but Marketing Cloud Connect does support encrypted data.) • Pardot (but Pardot Connect supports encrypted contact email addresses if your Pardot org allows multiple prospects with the same email address.) • Process Builder • Salesforce Mobile Classic • Salesforce IQ • Social Customer Service • Steelbrick • Thunder • Visual Workflow • Wave
Encrypted fields can’t be used with the following SOQL and SOSL clauses and functions
– Aggregate functions such as MAX(), MIN(), and COUNT_DISTINCT()
– WHERE clause
– GROUP BY clause
– ORDER BY clause
We can use below small hints to overcome those limitations.
Hint 1: – Aggregate Result
In order to calculate aggregate data on encrypted field use apex code.
Hint 2: – Use SOSL instead of SOQL where conditions
List<Account> acc= [Select Id ,Name From Contact Where Text__c= ‘123’];
The above query will fail at runtime if this is dynamic SOQL with invalid strings return an INVALID_FIELD error instead of the expected MALFORMED_QUERY. However, the Query can be replaced with the following SOSL statement
List<List<SObject> > acc= [FIND ‘123’ IN ALL FIELDS Returning Account(Id, Name, Text__c]
Hint 3: – ORDER BY clause
Instead of using order by clause, you can use custom apex sorting.
Hint 4: – Formula fields.
you can use Workflows and Apex triggers to calculate the data instead of formulas on encrypted fields.