Salesforce.com utilizes some of the most advanced technology for Internet security available today. When you access our site using industry standard Secure Socket Layer (SSL) technology, your information is protected using both server authentication and data encryption, ensuring that your data is safe, secure, and available only to registered Users in your organization. Your data will be completely inaccessible to your competitors.
Salesforce.com provides each User in your organization with a unique user name and password that must be entered each time a User logs on. Salesforce.com issues a session "cookie" only to record encrypted authentication information for the duration of a specific session. The session "cookie" does not include either the username or password of the user. Salesforce.com does not use "cookies" to store other confidential user and session information, but instead implements more advanced security methods based on dynamic data and encoded session IDs.
In addition, salesforce.com is hosted in a secure server environment that uses a firewall and other advanced technology to prevent interference or access from outside intruders.
Security researchers seeking information on how to report security issues to salesforce.com should review our Vulnerability Reporting Policy.