Salesforce is built on a multitenant infrastructure, which means that your apps are run on a shared data center, lowering costs and reducing the need to devote resources (time, money, and people) to maintenance. The robust and flexible security architecture of the Salesforce Platform is trusted by companies around the world, including those in the most heavily regulated industries — from financial services to healthcare to government — and it provides the highest level of security and control over everything from user and client authentication through administrative permissions to the data access and sharing model, including:
Org Security: Salesforce protects your organization's data from all other customer organizations by using a unique identifier that restricts access at every level to your data from anyone outside of your company — including us.
User Security: User authentication (both delegated and SAML) combined with network-level security by IP address, session restrictions, and audit trails provide control and visibility into what users are doing in the system and their field history.
Programmatic Security: Configurable, authenticated sessions secure access to logic, data, and metadata. Salesforce even offers a source code scanner that produces a report analyzing the security of your code.
Trust and Visibility: Trust starts with transparency. Salesforce displays real-time information on system performance and security, and offers tips on best security practices for your organization. Learn more at: trust.salesforce.com