Salesforce Security
Quick Links
Keeping your Salesforce data safe should be top priority. So, let’s talk about security features for a moment. Salesforce has a numerous way to protect your data. I will discuss three briefly in this article.
Password Policies
If you haven’t taken a look at your Password Policies in a while, now is a good time to do so. It is easy to say the password never expires or only expires once a year but is that really the best security for you company. If you are not aware of the Password Policies here are some things you can change regarding password policies:
Take care to make decisions based on the security of your data and not what is easiest for your users.
Access password policies from Setup\Security\Password Policies. Please let me know if you have any questions.
Multi-Factor Authentication (MFA)
Salesforce is strongly encouraging customers to turn on MFA for all user logins, across all Salesforce products. Salesforce knows that confidentiality, data integrity and availability of your data is vital to your business. As the security landscape evolves and threats that can compromise user credentials grow more common, it’s important to implement strong security measures to protect your business and customers.
These days usernames and passwords alone don’t always provide sufficient protection since bad actors can easily exploit weak or reused passwords. MFA is one of the simplest and most effective ways to prevent unauthorized account access and safeguard your data and your customer’s data.
MFA requires two or more factors, providing options for many combinations of authentication mechanisms. Salesforce only supports strong authentication factors. This means the user must have the factor in their possession. Depending on your Salesforce product, Salesforce supports these types of strong factors:
Salesforce Authenticator mobile app
Time-based one-time passcode (TOTP) authentication apps, like Google Authenticator or Authy
Hardware security keys that support USF or WebAuth, such as Yubico’s YubiKey or Google’s Titan Security Key
Salesforce is not requiring MFA at this time but is strongly encouraging you to do so. If you need any help with this, please let me know.
Backups
Another way that you can protect your data is by making sure it is backed up properly. Salesforce does allow you to backup your data on regular intervals based on your Salesforce edition. However, these backups come in .csv files which makes it very time consuming to restore any lost data. You might want to consider purchasing a backup app so that lost data could be restored more easily. Here at Big Dog we use CloudAlly to backup our Salesforce data.
With CloudAlly you can have automated or on-demand Salesforce backups. That allows you to schedule daily back ups as well as run a backup before you make any major changes to your data. CloudAlly's Salesforce Backup gives you unlimited storage and unlimited retention period. The restore feature allows point-in-time restore, point-in-time metadata comparison, record level restore, deleted items restore, metadata restore, parent-child relationship restore and more. CloudAlly is secure and certified with OAuth and MFA/2FA support, and is ISO 27001, HIPAA, and GDPR compliant. They have global data centers and secure Amazon AWS S3 encryption. CloudAlly can also backup Office 365, SharePoint/OneDrive, G Suite, Box.com and Dropbox Business. Yearly price is $30/year/user. We can help you with CloudAlly setup if needed.
