

Top 5 Best Practices to Ensure a Highly Secure Salesforce System

Cloud services are usually vulnerable to malware and attacks. The recent increase in the credibility of cloud applications is due to leading cloud service providers like Salesforce.

Salesforce has several in-house services to secure customers' data and provide robust features to enterprises. "Salesforce Trust" provides updates on various attacks that can affect Salesforce customers.

Salesforce users should never provide their Salesforce login credentials through email. Recently, Vawtrak malware, delivered by Pony, has stolen login credentials and attempted unauthorized logins to access and take data from Salesforce.

Although Salesforce offers a single collection of cloud computing resources to serve its customers, data security is achieved by assigning a unique identifier to each Salesforce customer. This ID is then associated with each session accessed by the company.

Salesforce Health Check is a feature that provides a security score describing the robustness of the configuration. The security score is based on the Salesforce-recommended baseline settings.

You, as the Salesforce customer, need to take some steps to secure your Salesforce environment.

The following practices should be your mantras:

Knock Knock! Who's there?

Prevent unauthorized access to compromised accounts through IP restrictions and multi-factor authentication.

Restrict organization-wide sharing rules in line with ordinary business functions. To extend access beyond the organization-wide sharing rules, implement role hierarchies, sharing rules, permission sets, etc.

Authentication policies

  • Make sure passwords contain uppercase letters, lowercase letters, numbers, special characters, and symbols, with a minimum of 8 characters. 
  • It is advisable to restrict incorrect login attempts to between 3 and 5 times.
  • Passwords and the secret answers to password resets should not be trivial.
  • Force re-login with a warning upon session timeout, which should be reasonably low.
  • Autocomplete and caching should be disabled on the login page.
  • User passwords should expire within 90 days from creation, and the same passwords should not be used until at least five new passwords are used by enforcing password history.
  • Two-factor authentication is the most effective approach to protect the user account. When a user attempts to view reports or access a connected app, two-factor authentication will help.
  • Two-factor authentication is classified into two types: service-based and policy-based.
  • Service-based authentication is also known as device activation, and it is automatically enabled for all orgs.
  • Policy-based authentication is controlled by the admin, and it is an admin's best tool to protect user accounts.
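The baseline in the list above can be checked mechanically. The following is an added example, not code from the original article or from Salesforce: it audits a policy expressed as a plain dictionary, and the setting names (`min_length`, `max_login_attempts`, and so on) are hypothetical, not Salesforce field names.

```python
# Added example: setting names below are hypothetical, not Salesforce field names.
REQUIRED_CLASSES = {"upper", "lower", "digit", "special"}


def audit_policy(policy):
    """Return findings for settings that fall short of the baseline listed above."""
    findings = []
    if policy.get("min_length", 0) < 8:
        findings.append("min_length: require at least 8 characters")
    missing = REQUIRED_CLASSES - set(policy.get("required_classes", ()))
    if missing:
        findings.append("required_classes: add " + ", ".join(sorted(missing)))
    attempts = policy.get("max_login_attempts")  # None = no lockout configured
    if attempts is None or not 3 <= attempts <= 5:
        findings.append("max_login_attempts: lock out after 3 to 5 failures")
    expiry = policy.get("expiry_days")  # None = passwords never expire
    if expiry is None or expiry > 90:
        findings.append("expiry_days: expire passwords within 90 days")
    if policy.get("history_depth", 0) < 5:
        findings.append("history_depth: remember at least 5 previous passwords")
    # Unset flags are treated as enabled, so an omitted setting is reported.
    for flag in ("login_autocomplete", "login_page_caching"):
        if policy.get(flag, True):
            findings.append(flag + ": disable on the login page")
    if not policy.get("two_factor_required", False):
        findings.append("two_factor_required: enable two-factor authentication")
    return findings


# Constructed sample policies, not exported from a real org.
WEAK = {"min_length": 6, "required_classes": ["lower", "digit"],
        "max_login_attempts": 10, "expiry_days": None, "history_depth": 3,
        "login_autocomplete": True, "login_page_caching": False}
HARDENED = {"min_length": 12,
            "required_classes": ["upper", "lower", "digit", "special"],
            "max_login_attempts": 5, "expiry_days": 90, "history_depth": 5,
            "login_autocomplete": False, "login_page_caching": False,
            "two_factor_required": True}

if __name__ == "__main__":
    for name, policy in (("WEAK", WEAK), ("HARDENED", HARDENED)):
        print(name, audit_policy(policy) or "meets baseline")
```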

Data Encryption

Use of platform encryption should be accompanied by the regular generation of a new tenant secret. Old encryption keys should be destroyed only after the data has been decrypted using the old encryption key.

Remember to re-encrypt the encrypted data with the new key, irrespective of whether the data is currently used or archived and not destroyed.
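The ordering described above (re-encrypt first, destroy the old key last) can be verified before any key is destroyed. This is an added example, not code from the original article or from Salesforce; the record layout, key version labels and key state names are hypothetical.

```python
from collections import Counter


# Added example: record fields and key state names are hypothetical.
def rotation_report(records, key_states, current_key):
    """Summarise which old keys still protect data.

    records:    (record_id, storage, key_version) tuples; storage is
                "live" or "archive", and both count toward pending work.
    key_states: {key_version: "active" | "archived" | "destroyed"}
    """
    pending = Counter()   # records still encrypted under a non-current key
    unreadable = []       # records whose key has already been destroyed
    for record_id, _storage, key_version in records:
        if key_version == current_key:
            continue
        if key_states.get(key_version) == "destroyed":
            unreadable.append(record_id)
        else:
            pending[key_version] += 1
    # An archived key may be destroyed only when nothing depends on it.
    safe_to_destroy = sorted(
        version for version, state in key_states.items()
        if state == "archived" and pending[version] == 0
    )
    return {"pending": dict(pending), "unreadable": unreadable,
            "safe_to_destroy": safe_to_destroy}


# Constructed sample inventory, not taken from a real org.
KEY_STATES = {"v1": "destroyed", "v2": "archived",
              "v3": "archived", "v4": "active"}
RECORDS = [
    ("acct-001", "live", "v4"),
    ("acct-002", "live", "v2"),
    ("case-117", "archive", "v2"),   # archived data still needs re-encryption
    ("case-090", "archive", "v1"),   # key destroyed before re-encryption
    ("lead-450", "live", "v4"),
]

if __name__ == "__main__":
    print(rotation_report(RECORDS, KEY_STATES, current_key="v4"))
```

In the sample, `v2` still protects one live and one archived record, so only `v3` is reported as safe to destroy, and `case-090` shows what happens when a key is destroyed before its data is re-encrypted.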

Secure yourself

Enable clickjack protection for customer Visualforce pages, with or without headers, along with setup and non-setup Salesforce pages.

With the help of your security experts, protect your pages from illegal access to your account.

Stay updated

All devices accessing Salesforce should have the latest browser version, anti-malware software, and operating systems.

An updated version of your resources should include the latest bug fixes and hence will protect you from exploits.

To summarise,

  1. Restrict authorization and limit sharing rules
  2. Secure passwords and implement session timeout
  3. Regenerate encryption keys and update the data
  4. Protect from malicious attacks
  5. Stay updated with your resources
  6. Use two-factor authentication

Salesforce also has in-house features to keep your Salesforce secure, and you need to follow these best practices to stay safe from malicious attacks. CEPTES, a Salesforce Partner company and platform expert with more than ten years of expertise and Salesforce-certified consultants, would make sure your business grows securely with Salesforce. To know further details, contact us.


Is Your Salesforce Data Really Safe? Few Questions to Help Us Find Out

Is your data safe with Salesforce? Yes, it is a question, quite unimaginable!! But it’s true!!

There have been 20 hours of service outage, which is even said to affect Salesforce. When we talk about Salesforce, it is rated as the #1 CRM tool. The service is designed for global availability and redundancy. In other words, it is a SaaS-based company in the real sense. Still, it happened, and the frightening reality is that even SaaS applications and services can experience such mishaps, including the biggest players like Salesforce. Hence, we are standing in a reality where even Salesforce is not considered safe.

Today we will discuss five questions that will help us develop a comprehensive plan for protecting critical Salesforce data.

• What does Salesforce recommend for Data Protection?

The Salesforce Help Center mentions “Although Salesforce does maintain all the backup data and can recover it, it is vital to constantly backup your own data locally so that you have the ability to restore it to avoid relying on Salesforce for backups to recover your data.”

In the event of accidental deletion of your data, you might get a slow and expensive data recovery service. Waiting so long to recover the CRM data can prove harmful to some organizations. The cost in both money and time is unacceptable.

• What are the various factors that could impact your Salesforce Data integrity?

Threats to your Salesforce data integrity can come from any direction. It might seem that the process runs smoothly, yet errors can be introduced from various areas. The areas of concern include the following:

All Third-Party Apps – Most SaaS-based tools, including Salesforce, offer integration with third-party apps. These apps extend the functionality of the core service into a more valuable business proposition. On the one hand, this helps increase productivity. On the other hand, they can alter your data in unexpected ways, ultimately leading to recovery challenges and data corruption.

User Error – Salesforce data is most commonly operated on by multiple users, such as the Sales Team, Marketing Team, etc. Public Reports are an excellent example of such situations, where users have access to update or delete records. This opens the door to the possibility of malicious activities.

Data Migration or Updates – Although admins are said to do thorough checks before performing bulk updates of records, it is not unusual to encounter duplicate files or incorrectly updated fields. In the end, this can make your data ineffective.

• Are you prepared to react to a litigation request that would require your organization's data to be made available?

In the year 2014, almost 34% of companies faced at least one lawsuit with nearly $20 Million at issue. Accordingly, there is a clear threat of litigation, and hence the demand for e-discovery is considered to be a real concern for companies of all sizes.

As businesses adopt more SaaS-based tools in their day-to-day operations, courts are gradually increasing the production of cloud data as evidence in all legal proceedings.

• Does any Salesforce data adhere to your company’s compliance needs?

It is true that businesses today are subject to many data-handling compliance requirements. These requirements often involve the safeguarding of sensitive customer information, including CRM data, PII (personally identifiable information), etc. Hence, it is highly important that you have a comprehensive data management strategy.

• How much does it cost, if you lose your data?

Salesforce, as a SaaS-based tool, has proven itself to be a real boon for companies, allowing them to both consolidate and centralize their CRM data and make it available to their teams in any place, at any time. Hence, a granular analysis of this data can be performed, empowering them to better manage relationships with current customers as well as better identify potential clients.

But what would happen if this data were suddenly not available? Yes, it is true that Salesforce could even end up compensating its customers almost $20 for last month's outage.


After a complete analysis of the entire situation, one can conclude that Salesforce, or any other SaaS-based service provider, is not completely reliable for your data management. For real peace of mind, it is always recommended to have your own backup plan in place.