Salesforce and Data Protection: How to Stay In-cloud and Keep Compliance with Regulation

Georgii KapanadzeCompany news, Products and Solutions 1 Comment

Data protection in Customer Relationship Management systems has become one of the major concerns both for commercial companies and public sector.

Is storing customer data in the cloud safe and compliant with legislation?

Do companies really need to migrate to on-premises CRM systems to avoid draconian penalties and injured reputation?

And finally, how much spending does it imply?

In this article, we will analyse data security regulation on using cloud CRM systems, Salesforce in particular. We will also scrutinise a solution which allows to improve compliance and enjoy all the benefits of the cloud.

Why Is Cloud CRM So Tricky?

Many companies prefer to manage customer relations via the cloud. Unlike on-premise solutions, it provides great flexibility and convenience: you can access data from any device on the go and continue working from any location and time of the day. It also puts storage, maintenance and security on the shoulders of the service provider, and not yours. Cloud CRM is so popular that one of the major systems – Salesforce platform™ - even doesn’t have an on-premises equivalent. 

However, recent changes in legislation have set cloud CRM users on alert and demanded thoughtful decision making. 

The main restrictions on boundless cloud CRM usage come from: 

  • Data residency laws 
  • GDPR  
  • Field-specific data storage requirements 

Let’s see the details of each.  

    Data Residency Laws

    Depending on the country where your business operates, your customers’ data may have to be stored within the country borders. For example, China requires all customer data to be hosted on China-based servers; Australia controls its health records; Germany keeps its telecommunications metadata; Russia demands all personal data to be hosted in the country and so on.   

    It hadn’t been like this before. The changes were rolled out between 2014 and 2017 after 2013 Edward Snowden revelations on the US National Security Agency collecting masses of private data not only from American citizens but from around the world. Now in many countries certain industries are required to keep customer data on in-country servers. In this way, they are subject only to this country regulations and can’t be, for example, searched under warrant either from the US or other countries.  

    Of course, these changes contradict the idea of cloud computing and free exchange of data. Moreover, for some companies, they make using cloud-based CRM systems impossible. 

    It is also true that some CRM providers attempt to keep up with changes. Salesforce tries to expand their representation. As of January 2019, they have their data centres running in the following metropolitan areas: 

    • Chicago, Illinois, United States (USA)
    • Dallas, Texas, United States (USA)
    • Frankfurt, Germany (GER)
    • Kobe, Japan (JPN)
    • London, United Kingdom (UK): London, UK (North) & London, UK (West)
    • Paris, France (FRA)
    • Phoenix, Arizona, United States (USA)
    • Tokyo, Japan (JPN)
    • Washington, DC, United States (USA) 

      However, this variety doesn’t solve cloud computing issues of countries which are not on the list. And opening endless data centres is straightforward impossible. There is a better solution for working with Salesforce clouds and we will discuss it in this article. But first let’s check other restrictions.  


      The General Data Protection Regulation was adopted in 2016 and became effective on 25 May 2018. It defines how personal information of EU citizens and residents must be handled and foresees serious penalties for violation.  

      What does this regulation mean for CRM? Most importantly, the issue of ultimate responsibility. When you are using a cloud-based system for your CRM, who is more responsible for adhering to the rules? Under the GDPR, you as a company are a data controller, and your cloud CRM system provider is a data processor. According to Information Commissioner’s Office, controllers have more obligations under the GDPR than processors do, because they decide what personal data is collected and why, and exercise ultimate control over the information. Processors have fewer obligations and must be careful to only process personal data in line with the relevant controller’s instructions. 

      It means that if something goes wrong, you as a company are the ultimate to carry the responsibility and suffer financial and reputational losses, and not your CRM system vendor. Thus, having more control over customer data and documents is imperative nowadays. 

      Field-Specific Data Storage Requirements

      If you work in banking, finance, insurance or healthcare, for example, the abovementioned restrictions may seem childish for you. It is because certain business areas require state-of-the-art functionality and highest security at the same time. Does it mean they cannot use cloud-based CRM such as Salesforce? Not exactly. 

      Can I Be Compliant While Using Cloud-Based CRM?

      Although the consequences of violating the data protection legislation are intimidating, it doesn’t mean you need to say good bye to your cloud CRM system.  

      At Connecting Software, we have developed a solution which complements your efforts in adhering to data protection rules and allows to enjoy the best experience of Salesforce.  

      The solution is called Document Extractor. Let me explain how exactly it improves your business processes.   

      How Document Extractor Works

      The idea is simple but effective. When you upload a data item or a document to Salesforce, it is detected by Document Extractor service running at the background. It creates a copy of the file in SharePoint and a link pointing to the initial location. Finally, it deletes the file in Salesforce. For a user, there is no difference: although the data is not physically there, they see files where they were located.  

      As you see, we are not asking if you are familiar with SharePoint. If you are using Salesforce – one of the best CRM systems, chances are you have SharePoint, too – a great tool for document collaboration and storage. If not, you absolutely should.  

      So, Document Extractor monitors documents related to Salesforce accounts, contacts, leads, opportunities, quotes, contracts, orders, assets, and email messages and creates the appropriate folder structure on SharePoint, before placing the document there. 

      Thus, you enjoy the benefits of Salesforce such as enhanced communication and customer service, greater efficiency, automation and reporting, and at the same time upgrade compliance with the data protection rules because you are in more control over customer data and documents.   

      Document Extractor also transfers the information about the Salesforce document creator, editor and owner to SharePoint for easier tracking of the documents. Stubbed files have the same name and extension as the original files, and they are searchable from Salesforce Global search. 

      A very thoughtful feature of this product is the prevention of unintentional files overwriting. When the service finds two documents with the same name at the same location on Salesforce, it creates two documents on SharePoint and adds a postfix that allows both the files to exist on SharePoint.  

      The service is easy to launch, and hundreds of accounts already use it for customer relationship management.  

      Besides, although this particular product is developed for Salesforce, a similar cloud solution exists for SugarCRM. Moreover, Connecting Software released a Seamless Attachment Extractor for Dynamics 365.

      But What About Data Storage Costs?

      Although safety concerns are prevalent nowadays, the cost of data storage in the cloud also becomes critical for many companies. According to Salesforce reviews, its free data storage capacity is very small, and when free space is over, storage fees can get as huge as a yearly license itself. 

      Indeed, additional storage space from Salesforce is available in blocks of 50 or 500MB, with a price of $125/month for 500MB. Frustrating as it may be, we can understand Salesforce people, too: the system has been created for customer relationship management and not for document storage. There are other tools for that! 

      In these conditions, using SharePoint with Document Extractor can be revolutionary.  

      If you already use SharePoint, you only need Document Extractor, and it can be as cheap as $6 user/month. Appealing, right? 

      SharePoint is not expensive either, and you can even have a free version SharePoint Foundation. Try the trio Salesforce-Document Extractor-SharePoint, and you will exercise more control over your documents and save significant costs.  

      Stop Slowing Down Your System

      Complaints on Salesforce system slowing down are quite common on the web these days, and maybe you have experienced it yourself.  Do you imagine how much excessive information your CRM processes every day? All invoices, purchase orders, reports, copies of IDs etc. sit in your system, steal its space and harass its processing capacity.  

      Document Extractor can solve this issue as well. It will automatically move all documents from Salesforce to SharePoint and leave only links so that you can retrieve files when you need them. Many companies will find this feature handy but for those who operate large amounts of files this is mission critical. 

      What Is the Next Step?

      Data safety regulations are becoming so omnipresent they can’t be ignored. It is up to companies using Salesforce, to ensure the protection of their customers’ information. This means adhering to compliance laws defining where customer-related information shall be stored. And Document Extractor is a great solution for that. Compare Deployment Options and Pricing, then claim your free trial. Also, follow our blog to learn about new trends in the world of software integration and business productivity.  

      Comments 1

      1. Avatar for Elisa Walker

        Cloud computing has emerged as one of the most popular platforms due to its several profitable applications. However, a security breach due to the errors at the user end could cost a lot to small and medium scale businesses. Thus, a person should be aware of the factors which should be taken into consideration to avoid a security breach.

      Leave a Reply

      Your email address will not be published. Required fields are marked *

      For security, use of Google's reCAPTCHA service is required which is subject to the Google Privacy Policy and Terms of Use.

      I agree to these terms.