The potential of AI agents, like those powered by Agentforce, to revolutionize business processes is immense. From automating customer service interactions to assisting employees with complex tasks, agents promise unprecedented efficiency and personalized experiences. Yet, as organizations lean into this future, a critical question looms large: Can we truly trust AI agents with our most sensitive data and fundamental operations?
The reality is, deploying AI at scale brings significant challenges. According to recent research, nearly half (48%) of IT leaders worry their data foundation isn’t ready for AI, and 55% lack confidence in implementing AI with appropriate guardrails. These concerns aren’t just about preventing isolated errors; they’re about ensuring compliance, protecting privacy, maintaining data integrity, and ultimately, building customer trust.
At Salesforce, trust has been our #1 value for over 25 years. We’ve built our deeply unified platform with security and governance embedded from the ground up, evolving alongside the technological landscape – from cloud and mobile to predictive AI and now, generative AI and Agentforce. Enabling organizations to leverage powerful new technologies safely and responsibly is fundamental to our mission.
Deploying trusted AI agents requires more than just powerful models. It requires a holistic approach rooted in a secure and well-governed data foundation, secure development practices, and continuous oversight throughout the AI lifecycle. Our deeply unified platform provides the comprehensive capabilities needed to meet this challenge head-on.
1. Establishing a unified and governed data foundation
AI agents are only as reliable and trustworthy as the data they access and act upon. This starts with ensuring your core CRM and broader Salesforce application data are secure, compliant, and resilient. Our platform provides integrated solutions designed for this purpose:
- Ensuring data resilience: Solutions like Salesforce Backup & Recover (formerly Own Recover) provide automated backups and precise restoration, ensuring 100% protection of critical Salesforce data and metadata. Coupled with Salesforce Archive, organizations can meet retention policies while maintaining performance. You can’t build trusted AI on a fragile data foundation.
- Protecting sensitive data for development and testing: Safely developing and testing AI agents requires realistic data, but exposing sensitive production data creates risk. Data Mask & Seed protects and seeds Sandbox data at scale, enabling secure and efficient testing environments.
- Enhancing visibility and security posture: Tools like Shield 2.0 offer greater visibility into user activity and proactive threat detection, crucial for monitoring how AI agents and users interact with data. Security Center 2.0 simplifies security posture management with faster data classification and risk assessment.
Beyond core CRM, effective AI agents often need to leverage data from across the enterprise. This is where Salesforce Data Cloud is crucial — it brings together all of the structured and unstructured data to deliver a unified and trusted view of the customer that’s actionable against all front office applications. Data Cloud Governance provides high-scale governance of data and metadata to manage, access, and enforce consistent policies across all surface areas in Data Cloud.
- AI-based tagging and classification: With AI-recommended tags, admins can automatically label and classify records — for example, marking data as “HIPAA,” “GDPR,” or “PII” to ensure data is managed and protected consistently. These tags follow a business or compliance framework that fits any organization’s needs.
- Policy-based governance: Helps easily author, manage, and enforce consistent, fine-grained policies (field, object, record level) across all your data. These policies automatically apply everywhere in Data Cloud, ensuring data is secure and consistent across all features like Agentforce, Analytics, and Segmentation.
- Data spaces: Segregate data, metadata, and processes by brand, BU, and region such that each business unit can maintain control over its own data while still only using one instance of Data Cloud.
- Dynamic data masking policies: Helps create a masking policy to assist in keeping sensitive information secure by automatically hiding or showing data based on who’s accessing it.
2. Securing AI agent interactions and extending governance to APIs
AI agents, including those built with Agentforce, often interact with other systems and data sources via APIs. Securing these connections is paramount to prevent vulnerabilities. Our MuleSoft API Management Solution allows organizations to protect, manage, and govern every API, enforcing security policies and best practices. Critically for agents, MuleSoft Flex Gateway supports protocols like Agent2Agent (A2A) and Model Context Protocol (MCP), enabling secure and governed interactions between agents and external systems.
3. Building, testing, and deploying trusted AI agents with built-in guardrails
Confidence in deploying Agentforce comes from rigorous testing and inherent controls. Our deeply unified platform provides capabilities to build trust into the Agentforce lifecycle:
- Secure development and testing environments: Utilize secure Sandbox environments and the Agentforce Testing Center for safe development and rigorous testing using realistic data in isolated environments. Enhancements like synthetic data generation and state injection speed up this crucial phase.
- Granular agent controls: Within Agentforce itself, capabilities like Variables and Filters allow builders to control how agents reason and what actions they can take based on context. Instruction Adherence Checks help monitor agent behavior against intended instructions, providing alerts for deviations and facilitating troubleshooting.
4. Safeguarding data in every prompt
A core innovation built into the Salesforce Platform is the Trust Layer. This secure intermediary sits between the user interface/agent and the Large Language Models (LLMs). It enables trusted and safe AI usage by applying safeguards like:
- Configurable data masking: Automatically removes or masks sensitive data before it leaves the Salesforce boundary for processing by the LLM.
- Zero data retention: Prevents sensitive data from being stored by the LLM provider.
- Input and output toxicity detection: Helps identify and flag potentially harmful or biased language.
This built-in layer means companies can leverage the power of generative AI without compromising sensitive customer information.
Revolutionizing patient care: How Precina unlocks real-time patient insights for accelerated care
Precina knew it could ensure real-time access to relevant patient data – from lab results to prescriptions to telehealth records – by integrating systems and streamlining workflows with Agentforce to ensure secure and HIPAA-compliant unification of patient data. This would accelerate care delivery and support the company’s expansion to meet growing demand. As Josiah Bryan, CTO and Lead AI Researcher at Precina, noted, “Salesforce invests so beautifully and so heavily in cybersecurity that we can trust Salesforce to take care of our patients’ data as well as we take care of our patients.”
In this healthcare example, see how unified and governed data fuels safe and secure Agentforce interactions with patients:
The path forward
The promise of AI for the enterprise is clear, but realizing it requires a deliberate focus on trust, security, and governance.
As Rahul Auradkar, executive vice president and general manager, Data Cloud, states, “We have been building secure, trusted solutions for over 25 years… and we are uniquely positioned to help companies navigate this next technological evolution. By seamlessly unifying data in Data Cloud, providing intuitive low-code tools to build smarter agents, and embedding governance and security from the ground up, we are empowering every customer to deploy enterprise-grade AI that is both powerful and responsible.”
Moving beyond AI pilots to enterprise-wide deployment demands a platform where trust is non-negotiable. By providing unified data access, powerful development tools, and robust, built-in security and governance, Salesforce empowers organizations to confidently deploy intelligent AI agents and applications, including those built with Agentforce, that drive real business value, enhance customer experiences, and increase operational efficiency – securely and responsibly.
Learn More
To get started with Trusted Services:
To get started with Data Cloud Governance:
To get started with MuleSoft API Management Solution:
To get started with Agentforce:
