- 5 Salesforce Security Tips to Make Your Instance More Secure - June 10, 2021
- Keeping Your Salesforce Instance Organized - May 7, 2021
Let’s face it, we all live in an evolving digital world. Our personal lives, work lives, and finances all gravitate towards the world of the internet, electronic media, and mobile computing. Unfortunately, this widespread phenomenon puts us at a risk of facing malicious attacks, fraud, invasions of privacy, and other unpleasantries. These are just some of the biggest reasons why cybersecurity is such an integral part of a well-organized and secure digital world.
With Salesforce being the hub of information for many software-as-a-service (SaaS) organizations, it’s no surprise that every Salesforce-powered organization wants to keep its Salesforce instance and integrations secure. There is no denying the fact that Salesforce offers one of the most trusted and reliable CRM platforms but organizations still need to make ensure all security measures are in place to minimize external threats and breaches.
1. Two-Factor Authentication
The easiest way to enhance the security level of your Salesforce instance is by setting up two-factor authentication. For this, you can enable two-factor authentication for logins to add a security layer by asking every user to verify their identity through an authentication application such as the Salesforce Authenticator App or call/text message every time they try to login to the Salesforce org.
Two-Factor Authentication for Reports
In Salesforce, you can leverage two-factor authentication for safeguarding access to reports. For this, an admin will need to “Raise the session level to High Assurance” in Setup under “Session Security Levels”.
Regulating control access to printing and exporting reports
Salesforce can be configured for prompting users to verify their identity when printing or exporting reports. For this, you need to enable “Raise the Session to High Assurance” in Setup type in “Identity Verification” and under “Security Level Policies”.
2. Configure Network-Based Security
You need to make sure that the Trusted IP range feature is configured in Salesforce. The trusted IP range generally denotes office locations and private networks accessed by employees so everyone outside of that range is prompted to verify their identity before Salesforce can be accessed.
To set up an org-wide Salesforce configuration, you’ll need to click “New” in Setup search for Network Access for creating a new trusted IP Range.
Pro Tip: You can add informative descriptions in case you have multiple trusted IP ranges so that it is easier to specify and recognize which range applies to which use case.
3. Track Login History in Salesforce
To increase the safety of your Salesforce org, you can track login history by accessing a standard report called “New Login Location Report”. You can make a quick search for Login History under the Setup menu.
4. Enable App Allowlisting
App Allowlisting (formerly Whitelisting) should ideally be enabled in the Salesforce org to block end users from offering solutions access to Salesforce if a third-party app requires access to Salesforce.
Steps to enable App Allowlisting
The Admin(s) of your Salesforce instance is required to call Salesforce or submit a case to enable App Allowlisting. Once enabled, the admin can assign the permission set access and specific profiles to certain applications. For instance, Data Loader is a commonly-used app but every user should not have access to it.
Click “Edit” next to Dataloader Partner under “Manage Connected Apps”.
Authorized users can click “Admin approved users are pre-authorized” under OAuth policies.
You can then assign Profiles and Permission Sets to gain access to Data Loader under “Manage Connected Apps”.
5. Invest in a reliable and dedicated Salesforce Integration User
Investing in a reliable and dedicated Salesforce Integration User (a full Salesforce license) has become of paramount importance these days with more and more organizations and users integrating AppExchange Apps and other paid tools with their Salesforce instance. It facilitates seamless integration and also enhances the security of your Salesforce instance.
Cybercrimes can happen to anyone and it’s not just the big organizations that get hit. Even everyday consumers experience ransomware attacks, phishing schemes, data breaches, financial losses, and identify theft. Therefore, you should make it a point to set up and manage a more secure instance of Salesforce.