When handling sensitive data like Controlled Unclassified Information (CUI) or information governed by International Traffic in Arms Regulations (ITAR), it’s crucial to ensure that the systems processing this data comply with stringent government regulations.
CUI encompasses various types of sensitive information that require safeguarding or dissemination controls, as defined by the U.S. government. Similarly, ITAR controls the export and handling of defense-related articles and services. Due to the sensitive nature of this data, storing or processing it in a standard commercial Salesforce instance is not appropriate or compliant with these regulations.
Instead, organizations must use secure environments, such as SharePoint in a GCC High (Government Community Cloud High) environment specifically designed to meet federal security and compliance requirements. This blog post will guide you through the process of configuring Salesforce to ingest file uploads containing restricted information in a way that will securely write them to a compliant SharePoint repository, ensuring that your organization adheres to the necessary regulatory standards.
Implementing a Compliant Upload process in Salesforce
Managing a Salesforce file upload requires selecting the right component, especially when dealing with large files or adhering to strict compliance standards like ITAR (International Traffic in Arms Regulations) and Controlled Unclassified Information (CUI). Understanding the differences between lightning-input type=file and lightning-file-upload can ensure that your Salesforce file upload processes are both efficient and compliant with these critical regulations. In the following sections, we’ll explore their differences, focusing on their capabilities, limitations, and the most suitable use cases.
Using lightning-input type=file for Salesforce File Upload
Overview
lightning-input type=file is a versatile Lightning Web Component (LWC) that allows users to select files from their device. This component offers flexibility for custom file-upload implementations.
Advantages
- Flexibility: Customizable using JavaScript to handle file uploads according to specific needs.
- External Integration: Suitable for uploading files to external systems, like SharePoint, especially when compliance requirements are a factor.
Disadvantages
- Manual Handling: Requires custom implementation for handling large files, including chunking and managing upload processes.
- Complexity: More complex to set up compared to lightning-file-upload due to the need for custom logic.
File Size Limitations
There is no inherent file-size limit imposed by lightning-input type=file, but the Salesforce backend restricts file uploads to 3.5 MB from this component. If, however, files do not need to be stored or uploaded directly to Salesforce, this component can be used in combination with custom JavaScript logic to send the file to another location such as SharePoint.
When files need to be uploaded to SharePoint for CUI/ITAR compliance, lightning-input type=file allows you to implement custom JavaScript to handle the upload process, ensuring files do not pass through Salesforce storage.
Example Scenario
When files need to be uploaded to SharePoint for CUI/ITAR compliance, lightning-input type=file allows you to implement custom JavaScript to handle the upload process, ensuring files do not pass through Salesforce storage.
<template>
<lightning-input
type="file"
label="Select File"
onchange={handleFileChange}>
</lightning-input>
</template>
<script>
import { LightningElement } from 'lwc';
import uploadFileToSharePoint from '@salesforce/apex/FileUploadController.uploadFileToSharePoint';
export default class FileUploader extends LightningElement {
handleFileChange(event) {
const file = event.target.files[0];
this.uploadFileInChunks(file);
}
async uploadFileInChunks(file) {
const CHUNK_SIZE = 750000; // 750 KB
const totalChunks = Math.ceil(file.size / CHUNK_SIZE);
let start = 0;
const uploadURL = await this.getTemporaryUploadURL();
for (let i = 0; i < totalChunks; i++) {
const chunk = file.slice(start, start + CHUNK_SIZE);
await this.uploadChunk(chunk, uploadURL);
start += CHUNK_SIZE;
}
}
getTemporaryUploadURL() {
// Call Apex to get a temporary upload URL
return uploadFileToSharePoint();
}
async uploadChunk(chunk, uploadURL) {
// Logic to upload the chunk to the external URL
const response = await fetch(uploadURL, {
method: 'PUT',
body: chunk
});
if (!response.ok) {
throw new Error('Failed to upload chunk');
}
}
}
</script>
Using lightning-file-upload for Salesforce File Upload
Overview
lightning-file-upload is a Salesforce Lightning Web Component designed to facilitate file uploads directly into Salesforce. It’s user-friendly and integrates seamlessly with Salesforce objects.
Advantages
- Seamless Integration: Directly uploads files to Salesforce records.
- User Experience: Consistent with Salesforce’s Lightning Design System, offering a smooth user experience.
- Handling Large Files: Built-in support for chunking large files (up to 2 GB).
Disadvantages
- Salesforce Storage: Files are stored in Salesforce, which may not meet specific external compliance requirements like CUI/ITAR.
- Limited Flexibility: Less customizable compared to
lightning-input type=filefor integrating with external systems.
File Size Limitations
- Individual file uploads can be up to 2 GB, and the component handles chunking automatically.
Example Scenario
When files need to be attached to Salesforce records and stored within the Salesforce system, lightning-file-upload is ideal.
<template>
<lightning-file-upload
label="Attach File"
name="fileUploader"
accept=".pdf"
record-id={recordId}
multiple>
</lightning-file-upload>
</template>
Choosing the Right Tool
Choosing the Right Tool for the Job
When the destination for the files is not Salesforce, and you need to comply with regulations like CUI or ITAR by storing files in an external system like SharePoint, lightning-input type=file is the preferred approach. This method provides the necessary flexibility to handle compliance-specific requirements and direct file storage in external systems.
Steps to Implement with lightning-input type=file
- File Selection: Use
lightning-input type=fileto allow users to select files. - Chunking Logic: Implement JavaScript to handle large files by splitting them into manageable chunks.
- Temporary Upload URL: Use Apex to acquire a temporary upload URL or access token for the external system.
- Direct Upload: Upload the file chunks directly to the external system using the temporary upload URL.
By contrast, if your goal is to leverage Salesforce’s built-in functionalities and you don’t have stringent external storage requirements, lightning-file-upload offers a streamlined, user-friendly solution for managing file uploads within the Salesforce ecosystem.
Conclusion
Understanding the nuances between lightning-input type=file and lightning-file-upload is essential for Salesforce developers, especially when dealing with large files and specific compliance requirements. While lightning-file-upload is excellent for seamless integration within Salesforce, lightning-input type=file provides the necessary flexibility for handling complex compliance scenarios and external storage requirements. Choose the tool that best fits your specific needs and regulatory constraints to ensure efficient and compliant file handling in your Salesforce applications
If you’re facing challenges integrating Salesforce with other systems or need guidance on compliance-related concerns, our team of experts is here to help. We offer consulting services to ensure your Salesforce integrations are seamless, efficient, and compliant with all necessary regulations. Contact us to today to discuss your specific needs and find out how we can assist you in achieving your goals.
