One Star

How secure is salesforce data when used with TalenD

I'm planning on creating an Talend as an ETL tool to migrate data between salesforce instances. I would like to know how secure is talend and is it saving the extracted data before sending it to the target environment?.
4 REPLIES
Moderator

Re: How secure is salesforce data when used with TalenD

Hi,
There are  basic and OAuth2 login type.
For OAuth2 login type, you can access Salesforce.com by entering your consumer key and consumer secret. This way, your user name and password will not be exposed, but extra work is required.
Please take a look at component references about:TalendHelpCenter:tSalesforceInput and TalendHelpCenter:tSalesforceOutput.

Best regards
Sabrina
--
Don't forget to give kudos when a reply is helpful and click Accept the solution when you think you're good with it.
Six Stars JR
Six Stars

Re: How secure is salesforce data when used with TalenD

I believe the question was not about securely logging in to Salesforce but if data extracted via tSalesforceInput or data imported via one of the tSalesforceOutput(XXX) components is stored anywhere on the server running the job which is out of control of the user. The short answer would be: yes if you are using the Salesforce Bulk API and probably no if you are using the SOAP API. You are telling Talend to use the Bulk API if you either select "Bulk Query" in the "Query mode" of tSalesforceInput or if you use tSalesforce(Output)BulkExec. In this case, you may find "unsecure" extracts in the server's temp directory (with almost random file names). As you are planning to do a migration, you will probably want to use the Bulk API. You will have to test your scenario with non-production data and have a look at the running user's temp directory. Everything else can be controlled in the job design and cleared up at the end of a job (which is definitely necessary).
By the way: any uncontrolled usage of the running user's temp directory, especially when using tSalesforceInput in bulk mode, should be changed. It should be possible to specify the location and the name of such temporary files in the Salesforce components.
One Star

Re: How secure is salesforce data when used with TalenD

Thank you JoRoesecke. Do you know if this job could be invoked from an Salesforce-apex code?. If yes, can we pass the source/target org details instead of manually entering it in Talend?.
Six Stars JR
Six Stars

Re: How secure is salesforce data when used with TalenD

The short answer is: do not try this unless you absolutely have to.
Long answer (just ideas):
If you want to start a Talend job from within Salesforce Apex code, one idea would be to expose a REST webservice created with Talend ESB. This webservice would need to be accessible by Salesforce, i.e. it must be exposed to the internet, which may raise quite some security discussions depending on your setup. This ESB service could then start your job. The ESB service could be started via a callout from Apex code.
If you can manage to set up CORS correctly, you could also think of starting your Talend job via Talend Metaservlet from a JavaScript in Salesforce. Unfortunately, I cannot tell you if this would work at all.
Please do not ask me how to set up CORS or how to create a Talend ESB job. There is a lot of information to be found on the WWW.