How can I enable the shield encryption for existing custom fields in Salesforce?
My org has an existing number field SSN__c which has to be encrypted using shield. If I edit the field and enable encryption checkbox, which encryption will be enabled ? Standard encryption or Shield Encryption? (Yes, shield encryption is enabled ony sandbox.)
I have seen the cookbook example where they ask to create an encrypted text field. What if I have to encrypt custom phone or email or number fields using SHIELD?? Implementation guide didn't seem to have no info regarding these doubts.
What are the differences between shield and classic Encryption from an end user perspective? In UI, can they see any differences?
Best Answer
Thank you for your interest in shield encryption.
To answer your first question, the checkbox you're seeing will enable shield encryption on your existing SSN__c field. You can not enable classic encryption on an existing custom field, classic encryption comes with a dedicated type of custom field.
For your second question, shield encryption supports custom phone and custom email fields but not custom number fields. The list of all the fields that can be encrypted with shield encryption can be found here: https://help.salesforce.com/articleView?id=security_pe_overview_fields.htm&type=0
There are multiple differences between shield encryption and classic encryption. From an end-user perspective the main difference is that shield encryption does not provide masking capabilities similar to classic encryption. But the shield encryption comes with a more secure encryption scheme, control over the key lifecycle and a much larger support both in terms of what you can encrypt and platform features. You can find more information about the difference between the two here: https://help.salesforce.com/articleView?id=security_pe_comparison_table.htm&language=en_US&type=0