Now that most of the cultural barriers to adopting cloud services are gone, organizations find themselves contending with the privacy and compliance ramifications of running workloads outside the safety of the firewall. That often involves spending months on building out security features, a delay that Salesforce.com hopes to eliminate with the latest addition to its cloud-based application service.

Shield is a set of pre-built security capabilities that developers can access the same way as the other capabilities of the Salesforce1 Platform without worrying themselves about the underlying implementation. That not only helps remove complexity from projects but also takes the burden of keeping the security functionality up to date with the evolving threat landscape off organizations’ shoulders, which is particularly important on the encryption front.

Shield provides customers the ability to control exactly who can access which parts of the data they store on Salesforce1 and in what form. A healthcare provider, for example, could harness the service to scramble personally identifiable information in patient records and enable staffers to search the rest unhindered.

Being able to provide that kind of accessibility is becoming especially important with the rise of analytics solutions such as Salesforce.com’s own Wave business intelligence service that are being used to scan previously untapped records for business insights. Equally important is  the matter of how to cost-effectively store all the data that is being ingested as a result of that trend, which Salesforce.com is also trying to address with the archiving option included in Shield.

The service lets organizations keep their historical information on a so-called nearline medium that exploits the economies of offline storage but can still provide relatively quick access when the need arises. Like the encryption module, this feature is  geared mainly towards companies in sensitive industries, a focus that also extends to the third component of Shield.

Event Monitoring is, as the name implies, a logging tool that records what employees are doing in applications running on Salesforce1. That visibility is useful both for optimizing user experience and catching suspicious activity, which has never been a higher priority for the hospitals, banks and other heavily-regulated companies that the company is targeting with the new security functions.

Customers will be able to store those logs for up to ten years using the auditing tool that rounds out the bundle, which also includes capabilities for automatically deleting data after a set amount of time. That fills in the final missing piece of the cloud security puzzle, turning Salesforce1 into a much more attractive option for organizations shifting their workloads beyond the firewall.

And that in turn makes the platform equally appealing for the partners targeting those organizations, which will be able to incorporate the capabilities of Shield into the value-added applications they sell through Salesforce.com’s AppExchange. That is set to add yet another important dimension to company’s cloud value proposition.

Photo via TimsTolalPhotography