Definition
In Salesforce Shield Platform Encryption, the process of generating a new tenant secret to derive new encryption keys. Data is re-encrypted with the new keys while the old secret is archived for backward compatibility.
Real-World Example
At their company, the system admin at BrightEdge Solutions leverages Key Tenant Secret Rotation to control how users interact with Salesforce data and features. After configuring Key Tenant Secret Rotation in the sandbox and validating it with key stakeholders, they roll it out to production. User adoption improves because the interface now matches how teams actually work.
Why Key Tenant Secret Rotation Matters
In Salesforce Shield Platform Encryption, Key Tenant Secret Rotation is the process of generating a new tenant secret to derive new encryption keys. After rotation, new data is encrypted with keys derived from the new tenant secret, while the old tenant secret is archived (not deleted) so that older data encrypted with the previous keys can still be decrypted. Optionally, existing data can be re-encrypted with the new keys through a background process, though this isn't always necessary.
Key rotation is a security best practice that limits the blast radius of any potential key compromise: if a key is exposed, only data encrypted with that specific key is at risk, not the entire historical dataset. Compliance frameworks like PCI DSS often require periodic key rotation. Salesforce makes rotation accessible through the Setup interface, but rotation has implications for performance (during re-encryption) and key management (more keys to track). Mature organizations rotate on a regular schedule defined by their security policies.
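The rotation lifecycle described above (one active tenant secret, older secrets archived rather than deleted, ciphertext tagged with the key version it was written under, and optional background re-encryption) can be made concrete with a small model. The following is an added Python example, not Salesforce code and not a call into any Salesforce API: the HKDF-style derivation with HMAC-SHA256 and the HMAC counter-mode stream cipher stand in for the platform's real key derivation and AES-256 encryption, and the record layout, class and function names, and sample field values are all assumptions made for illustration.

```python
"""Illustrative model of tenant-secret rotation with version-tagged ciphertext.
Not Salesforce code; the primitives below stand in for the platform's own."""
import hashlib
import hmac
import secrets
from dataclasses import dataclass

VERSION_LEN = 4   # assumed record layout: version || nonce || ciphertext || tag
NONCE_LEN = 16
TAG_LEN = 32


@dataclass
class TenantSecret:
    version: int
    secret: bytes
    archived: bool = False


class TenantKeyStore:
    """Keeps every tenant secret ever generated; only the newest one is active."""

    def __init__(self) -> None:
        self._secrets: dict[int, TenantSecret] = {}
        self.active_version = 0
        self.rotate()  # the initial secret is version 1

    def rotate(self) -> int:
        """Generate a new tenant secret; previous secrets become archived, not deleted."""
        for ts in self._secrets.values():
            ts.archived = True
        self.active_version += 1
        self._secrets[self.active_version] = TenantSecret(
            self.active_version, secrets.token_bytes(32))
        return self.active_version

    def destroy(self, version: int) -> None:
        """Permanently discard a secret; data still encrypted under it becomes unreadable."""
        del self._secrets[version]

    def versions(self) -> dict:
        return {v: ts.archived for v, ts in self._secrets.items()}

    def data_key(self, version: int) -> bytes:
        """HKDF-like extract-and-expand from the tenant secret (stand-in derivation)."""
        ts = self._secrets[version]  # KeyError if that secret was destroyed
        prk = hmac.new(b"tenant-secret-rotation-demo", ts.secret, hashlib.sha256).digest()
        return hmac.new(prk, b"field-encryption\x01", hashlib.sha256).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """PRF in counter mode; stands in for AES here, nonce must never repeat per key."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def key_version(blob: bytes) -> int:
    """Which tenant-secret version a stored record was encrypted under."""
    return int.from_bytes(blob[:VERSION_LEN], "big")


def encrypt_record(store: TenantKeyStore, plaintext: bytes) -> bytes:
    """New writes always use the active version (encrypt-then-MAC)."""
    version = store.active_version
    key = store.data_key(version)
    nonce = secrets.token_bytes(NONCE_LEN)
    body = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    header = version.to_bytes(VERSION_LEN, "big") + nonce
    tag = hmac.new(key, header + body, hashlib.sha256).digest()
    return header + body + tag


def decrypt_record(store: TenantKeyStore, blob: bytes) -> bytes:
    """Reads derive the key from whichever version the record carries, archived or active."""
    hdr_len = VERSION_LEN + NONCE_LEN
    header, body, tag = blob[:hdr_len], blob[hdr_len:-TAG_LEN], blob[-TAG_LEN:]
    key = store.data_key(key_version(blob))
    if not hmac.compare_digest(tag, hmac.new(key, header + body, hashlib.sha256).digest()):
        raise ValueError("record failed authentication")
    nonce = header[VERSION_LEN:]
    return bytes(a ^ b for a, b in zip(body, _keystream(key, nonce, len(body))))


def reencrypt_all(store: TenantKeyStore, blobs: list) -> list:
    """The optional background job: rewrite old records under the active version."""
    return [encrypt_record(store, decrypt_record(store, b)) for b in blobs]


def demo() -> dict:
    store = TenantKeyStore()
    old = [encrypt_record(store, b"SSN=123-45-6789"),  # constructed sample field values
           encrypt_record(store, b"DOB=1980-01-01")]
    v1 = store.active_version
    v2 = store.rotate()
    new = encrypt_record(store, b"ACCOUNT=ACME")
    still_readable = all(decrypt_record(store, b) for b in old)
    rewritten = reencrypt_all(store, old)
    return {"v1": v1, "v2": v2,
            "old_versions_after_rotation": [key_version(b) for b in old],
            "new_record_version": key_version(new),
            "archived_still_readable": still_readable,
            "reencrypted_versions": [key_version(b) for b in rewritten]}
```

The point the model makes visible is that rotation alone changes nothing about stored data: records keep the version they were written under and remain readable only because the archived secret is retained, and a deliberate `destroy()` of an archived version is what actually makes old ciphertext unrecoverable, which is why re-encryption is worth running before any secret is ever destroyed.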
How Organizations Use Key Tenant Secret Rotation
- Redwood Financial — Rotates tenant secrets annually as required by their banking regulator. The rotation generates new keys while archived secrets keep historical data accessible.
- Coastal Health — Documents their key rotation procedures and schedule for HIPAA compliance evidence.
- ShieldGuard Security — Built a runbook for key rotation with explicit approval steps because the operation has compliance and operational implications.
