Salesforce Platform is built on a multitenant infrastructure, which means that your apps are run on a shared data center, lowering costs and reducing the need to devote resources (time, money, and people) to maintenance. The robust and flexible security architecture of the platform is trusted by companies around the world, including those in the most heavily regulated industries — from financial services to healthcare to government — and it provides the highest level of security and control over everything from user and client authentication through administrative permissions, to the data access and sharing model, including:
Org Security: Salesforce protects your organisation's data from all other customer organisations by using a unique identifier that restricts access at every level to your data from anyone outside of your company — including us. User Security: User authentication (both delegated and SAML) combined with network-level security by IP address, session restrictions, and audit trails provides control and visibility into what users are doing in the system and their field history.
Programmatic Security: Configurable, authenticated sessions secure access to logic, data, and metadata. Salesforce even offers a source code scanner that produces a report analysing the security of your code.
Trust and Visibility: Trust starts with transparency. Salesforce displays real time information on system performance and security, and offers tips on best security practices for your organisation. Learn more at: trust.salesforce.com