Considering the rising costs of data theft and industrial sabotage, organisations ought to put robust measures into place to safeguard their digital properties and address potential Salesforce security and cyber security concerns. According to the 2019 Cost of a Data Breach Report released by IBM, the average total cost of a data breach incident amounts to $3.92 million. This further underscores the need to adopt information security best practices and procedures.
Fortunately, Salesforce is an inherently secure cloud-based CRM, so maintaining your org’s Salesforce security and keeping your integrations airtight isn’t too complicated. There are a number of practical measures you can roll out to mitigate security incidents brought on by hackers and user mistakes.
1. Correctly Set Up and Configure Your Network’s Security
Setting Up Network Access for Your Org
You’ll need to configure your trusted IP range for your Salesforce org. This is a whitelist of IP addresses that are allowed to gain access to your org. This list typically consists of your company workstations’ IP addresses and approved VPNs for staff. Anyone who attempts to log in from a computer not included in the list will need to take extra steps to gain access, such as two-factor authentication.
To create a new trusted IP range, go to Setup. Then type in Network Access. Under this section, simply click on the ‘New’ button and specify the range of IP addresses you’d like to add.
2. Utilise App Whitelisting to Prevent Data Leaks to 3rd Party Apps
You can also maintain Salesforce security by enabling App Whitelisting for your org. This puts a stop to users mistakenly granting 3rd party apps the ability to read your org’s data. With this feature, Salesforce admins determine which 3rd party apps may receive access to the org. This particular solution is scalable, as it can be implemented for the entire org for all Salesforce users or for selected users only, if needed.
Enabling App Whitelisting
- First, the Salesforce admin will need to send a request to Salesforce support to enable this option.
- Once the feature has been enabled, go to Manage Connected Apps. Then click on ‘Edit’ beside the app you wish to whitelist.
- Go to OAuth policies > Permitted Users. Now, go ahead and pick the “Admin approved users are pre-authorised” option.
- Return to Manage Connected Apps, and click on the name of the app you whitelisted. This will take you to the details of the app, where you can add Permission Sets and Profiles.
3. Monitor Your Org’s Login History
Monitoring your org’s login history is an additional approach to enhancing your Salesforce security that is relatively simple to configure. With this feature, you’ll have access to the ‘New Login Location Report’.
Accessing Your Org’s Login History
- Simply go to Setup, and type in Login History.
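The trusted IP range from section 1 and the login history from this section can be reviewed together. The following is an added example, not Salesforce's own tooling: it flags logins whose source address falls outside the trusted ranges. The CSV column names, the IP ranges and the sample rows are all assumptions constructed for illustration.

```python
import csv
import io
import ipaddress

# Assumed trusted ranges (documentation-reserved addresses, constructed for this example).
TRUSTED_RANGES = [
    ipaddress.ip_network("203.0.113.0/24"),    # office workstations (assumed)
    ipaddress.ip_network("198.51.100.16/28"),  # staff VPN (assumed)
]

# Constructed sample of a login history export; the column names are assumptions.
SAMPLE_CSV = """Username,Login Time,Source IP,Status
alice@example.com,2020-03-02T08:01:00Z,203.0.113.25,Success
bob@example.com,2020-03-02T08:05:00Z,198.51.100.20,Success
alice@example.com,2020-03-02T23:40:00Z,192.0.2.77,Success
carol@example.com,2020-03-03T02:10:00Z,192.0.2.90,Invalid Password
carol@example.com,2020-03-03T02:11:00Z,192.0.2.90,Invalid Password
carol@example.com,2020-03-03T02:12:00Z,not-an-ip,Success
"""

def is_trusted(ip_text):
    """Return True if ip_text parses and falls inside a trusted range."""
    try:
        ip = ipaddress.ip_address(ip_text.strip())
    except ValueError:
        return False  # an unparseable source address is treated as untrusted
    return any(ip in net for net in TRUSTED_RANGES)

def untrusted_logins(csv_text):
    """Return the rows whose Source IP is outside every trusted range."""
    reader = csv.DictReader(io.StringIO(csv_text))
    return [row for row in reader if not is_trusted(row["Source IP"])]

def summarise(rows):
    """Count successful and failed logins per user for the given rows."""
    summary = {}
    for row in rows:
        counts = summary.setdefault(row["Username"], {"success": 0, "failed": 0})
        key = "success" if row["Status"] == "Success" else "failed"
        counts[key] += 1
    return summary

if __name__ == "__main__":
    for user, counts in summarise(untrusted_logins(SAMPLE_CSV)).items():
        print(user, counts)
```

A successful login from outside the trusted ranges, especially one that follows failed attempts for the same user, is the row to review first.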
4. Set Up Two-Factor Authentication for Logins
This is another easy method that will enhance your org’s Salesforce security. Each time one of your users logs in to your company’s org, they’ll be required to perform an extra step to gain access, either by entering a code sent via SMS or by using an app designed to authenticate their session. This Salesforce video here demonstrates how to configure this for your organisation.