Salesforce: Top Security Use Cases

Salesforce is a leading customer relationship management (CRM) software used to support sales, marketing, customer success and channel teams manage data and processes.
How Adaptive Shield Helps Secure Salesforce
Salesforce contains sensitive customer information, and offers different modules that ensure privacy. However, those security features can be overrun by threat actors if the settings within the application are misconfigured.

Adaptive Shield automates reviews of over 100 configurations in Salesforce, ensuring that all configurations are set correctly and alerting users in the event of configuration drifts.

Through these different security checks, you can count on Adaptive Shield to prevent unauthorized access of your Salesforce.

Securing Against Guest Users

Ensure that only authorized external users can access Salesforce
  1. Enforce authentication through a custom domain
  2. Require email confirmations to change an external user’s email address
  3. Remove API permissions for external users for Experience (formerly Community) sites
  4. Disable guest profile API permissions
  5. Alert on any dormant user

Limit Application Access

Control users who can enter into your Salesforce instance
  1. Set up MFA
  2. Set up SSO
  3. Limit number of login attempts
  4. Enforce authentication through custom domain
  5. Limit connected apps API access
  6. Disable guest profile API permissions

Control Public Links

Prevent assets from being shared with anyone using public links
  1. Disable links and content deliveries without password protection
  2. Disable dashboard component snapshots
  3. Prevent community users from sharing links publicly
  4. Hide sensitive information that is contained in the URL

Protect Against Malware

Block Malware Files from Entering Your File Repository
  1. Block users from uploading files whose extensions indicate they may pose a security risk
  2. Disable high-risk file types from being executed in a browser
  3. Prevent guest use file upload
  4. Enable clickjack protection

Manage User Passwords

Protect against password spray and other common password-centric attacks
  1. Set minimum password length
  2. Set password complexity
  3. Prevent password hints from containing the password

Track Multiple Instances of Salesforce

Compare instances of the application from across your organization to identify best practices and upgrade the overall security posture of every Salesforce instance

Govern Permissions and User Access

Gain deep visibility into identity security posture by managing user roles, profiles, permission sets, and native or custom field-level security and object-level security, all in one place.

Saas Security

Breach Debrief Series: Salesforce Community Sites

Several organizations have had their data leaked due to a misconfiguration in Salesforce Communities.

Saas Security

Salesforce Release Update: A Cautionary Tale for Security Teams

Few people talk about managing the security aspects of Salesforce Release Updates. By understanding what Release Updates are, Salesforce customers can better protect sensitive information.
GDPR Compliant
ISO 27001 Compliant
ISO 27001 Certified
ISO 27701 Certified
SOC 2 Compliant
Cyber GRX