
Today’s guest post is delivered by Gilad David Maayan, a technology writer who has worked with over 150 technology companies including SAP, Samsung NEXT, NetApp and Imperva, producing technical and thought leadership content that elucidates technical solutions for developers and IT leadership.


Salesforce provides security controls for your data, categorized according to organization, object, field, and record level. To properly secure your Salesforce workloads, you must first understand the Salesforce data security model, as explained in this article. You will also learn tips and best practices for data sharing, auditing, session configuration, and encryption.

Salesforce Data Security Model

Within Salesforce, you have full control over what information users can access. This extends to articles, records, and individual fields. Each security concern is categorized into a level, which enables you to control certain aspects of security.

Organization Level Security

Organization level security settings enable you to determine who has access to your Salesforce system, including from where and when.

At the organizational level, you can define:

  • IP restrictions—determine which IP addresses users can access data from.
  • Login access—determines the time windows during which users can log in and access data.
  • Password policies—determine password lifetime, required complexity, and whether previous passwords can be reused.
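The three organization-level controls above can be read as a decision function that runs before any object or record permission is consulted. The following Python is an added example written for this article, not Salesforce code: it models login IP ranges, login hours and a password policy as a constructed policy dictionary (`ORG_POLICY`, and all its values, are assumptions) and evaluates a login attempt and a password change against them.

```python
import hashlib
import ipaddress
from datetime import datetime

# Constructed organization-level policy; the values are illustrative, not Salesforce defaults.
ORG_POLICY = {
    "login_ip_ranges": ["10.0.0.0/8", "203.0.113.0/24"],
    # weekday (0 = Monday) -> (first allowed hour, end hour, exclusive); None = no login that day
    "login_hours": {0: (7, 19), 1: (7, 19), 2: (7, 19), 3: (7, 19), 4: (7, 19), 5: None, 6: None},
    "password": {"min_length": 10, "require_special": True, "history_size": 3},
}


def ip_allowed(ip, ranges):
    """True if the client address falls inside one of the permitted ranges."""
    addr = ipaddress.ip_address(ip)
    return any(addr in ipaddress.ip_network(r) for r in ranges)


def hours_allowed(when, hours):
    """True if the login time falls inside the allowed window for that weekday."""
    window = hours.get(when.weekday())
    if window is None:
        return False
    start, end = window
    return start <= when.hour < end


def login_decision(ip, when, policy=ORG_POLICY):
    """Evaluate a login attempt against IP restrictions first, then login hours."""
    if not ip_allowed(ip, policy["login_ip_ranges"]):
        return "deny: address outside login IP ranges"
    if not hours_allowed(when, policy["login_hours"]):
        return "deny: outside login hours"
    return "allow"


def password_acceptable(candidate, previous_digests, policy=ORG_POLICY):
    """Check a new password against length, complexity and reuse rules.

    previous_digests holds SHA-256 hex digests of the user's recent passwords, newest
    first. A production store would use a salted, slow password hash; a plain digest is
    only used here to model the reuse comparison.
    """
    rules = policy["password"]
    if len(candidate) < rules["min_length"]:
        return "reject: too short"
    has_alpha = any(c.isalpha() for c in candidate)
    has_digit = any(c.isdigit() for c in candidate)
    has_special = any(not c.isalnum() for c in candidate)
    if not (has_alpha and has_digit):
        return "reject: needs letters and digits"
    if rules["require_special"] and not has_special:
        return "reject: needs a special character"
    digest = hashlib.sha256(candidate.encode()).hexdigest()
    if digest in previous_digests[: rules["history_size"]]:
        return "reject: recently used"
    return "accept"


if __name__ == "__main__":
    print(login_decision("10.1.2.3", datetime(2024, 1, 8, 9, 0)))       # Monday 09:00 from an allowed range
    print(login_decision("10.1.2.3", datetime(2024, 1, 6, 9, 0)))       # Saturday: no login hours defined
    print(password_acceptable("Spring2024!x", []))
```

The order of the checks matters for what an auditor sees: an address outside the login ranges is refused before login hours are even considered, so login-hour findings in a review only ever concern addresses that were already trusted.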

Object Level Security

Object level security settings enable you to guide how objects are handled, including creation, access, and modification.

At the object level, you can define:

  • Profiles—determine who is allowed to do what with objects. Each user is assigned a profile that carries its own create, read, edit, delete (CRED) settings.
  • Permission sets—enable you to extend the permissions granted by user profiles in a standardized way.

Field Level Security

Field level security settings enable you to restrict specific fields according to user profile. For example, you can determine who can see an employee’s compensation information. For those without permission, this information is hidden from view or access.

Record Level Security

Record level security settings enable you to determine how and by whom records are accessed or shared. 

At the record level, you can define:

  • Organization-wide sharing defaults—determine how freely records can be accessed when no other sharing is defined.
  • Role hierarchy—enables you to grant tiered permissions. Higher-level users, such as supervisors, receive access to all data of the users below them.
  • Sharing rules—determine how you can share information and with whom. You can use these rules to define lateral sharing or to allow access outside the hierarchy.
  • Manual sharing—enables you to grant limited sharing permissions on a single record, for example when only one specific user needs access to it.
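The four record-level controls are layered, and the most permissive grant wins once a user's profile or permission set gives Read on the object at all. The following Python is an added example written for this article, not Salesforce's sharing engine: it is a simplified model (owner-based sharing rules only, no criteria-based rules, territories or Apex managed sharing) with a constructed organization (`demo()`, its users, roles and group are assumptions) that shows how an organization-wide default of Private is widened by the role hierarchy, a sharing rule to a public group, and a manual share.

```python
from dataclasses import dataclass, field

# Access levels from least to most permissive; a grant never lowers an existing level.
ACCESS_RANK = {"None": 0, "Read": 1, "Edit": 2, "Full": 3}
OWD_BASELINE = {"Private": "None", "Public Read Only": "Read", "Public Read/Write": "Edit"}


def strongest(*levels):
    return max(levels, key=ACCESS_RANK.__getitem__)


@dataclass
class SharingRule:
    """Owner-based rule: records owned by users in source_role are shared with target_group."""
    source_role: str
    target_group: str
    access: str  # "Read" or "Edit"


@dataclass
class Org:
    owd: str                      # organization-wide default for this object
    grant_via_hierarchy: bool     # the "Grant Access Using Hierarchies" setting
    roles: dict                   # user -> role name
    role_parent: dict             # role -> parent role (None at the top)
    groups: dict                  # public group -> set of member users
    object_read: set              # users whose profile/permission set grants Read on the object
    sharing_rules: list = field(default_factory=list)
    manual_shares: dict = field(default_factory=dict)  # (record_id, user) -> access

    def subordinates(self, user):
        """All users whose role sits anywhere below the user's role."""
        my_role = self.roles.get(user)
        if my_role is None:
            return set()
        below = set()
        for other, role in self.roles.items():
            parent = self.role_parent.get(role)
            while parent is not None:
                if parent == my_role:
                    below.add(other)
                    break
                parent = self.role_parent.get(parent)
        return below

    def direct_access(self, user, record_id, owner):
        """Access the user holds personally: ownership, OWD, sharing rules, manual shares."""
        if user == owner:
            return "Full"
        level = OWD_BASELINE[self.owd]
        for rule in self.sharing_rules:
            if self.roles.get(owner) == rule.source_role and user in self.groups.get(rule.target_group, set()):
                level = strongest(level, rule.access)
        return strongest(level, self.manual_shares.get((record_id, user), "None"))

    def record_access(self, user, record_id, owner):
        """Effective access: object-level Read is the gate, then the hierarchy adds what subordinates hold."""
        if user not in self.object_read:
            return "None"
        level = self.direct_access(user, record_id, owner)
        if self.grant_via_hierarchy:
            for sub in self.subordinates(user):
                level = strongest(level, self.direct_access(sub, record_id, owner))
        return level


def demo():
    """Constructed org: Private OWD, a sales hierarchy, one public-group sharing rule, one manual share."""
    org = Org(
        owd="Private",
        grant_via_hierarchy=True,
        roles={"alice": "VP Sales", "bob": "Sales Manager", "carol": "Sales Rep",
               "dave": "Support Agent", "erin": "Sales Manager"},
        role_parent={"VP Sales": None, "Sales Manager": "VP Sales",
                     "Sales Rep": "Sales Manager", "Support Agent": "VP Sales"},
        groups={"Deal Desk": {"dave"}},
        object_read={"alice", "bob", "carol", "dave"},   # erin's profile lacks Read on the object
        sharing_rules=[SharingRule("Sales Rep", "Deal Desk", "Read")],
        manual_shares={("opp-1", "dave"): "Edit"},
    )
    return {user: org.record_access(user, "opp-1", owner="carol") for user in sorted(org.roles)}


if __name__ == "__main__":
    print(demo())  # {'alice': 'Full', 'bob': 'Full', 'carol': 'Full', 'dave': 'Edit', 'erin': 'None'}
```

Two things in the result are worth noticing during a review: erin sits above the record owner in the hierarchy yet gets nothing, because object-level Read is missing, and dave ends up with Edit rather than the Read the sharing rule intended, because a manual share on top of it was the more permissive grant.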

Salesforce Security Best Practices

When configuring or auditing your data security settings, there are several best practices you should apply. These practices can help you increase the overall security of your data and ensure that customer and employee privacy is protected.

Data Sharing

Data sharing policies often aren't chosen for security reasons, but they can significantly affect security.

For example, you should carefully choose between hierarchical sharing and the use of Public Groups. Keep in mind that hierarchical sharing gives a higher-tier user access to all data of those below them. In contrast, Public Groups enable you to define sharing rules regardless of where users fall in the larger hierarchy.

You should also take care with how you allow owner sharing. When records are shared manually by their owners, you have limited ability to track who has access. You can use the Developer Console to identify manually shared records one at a time, but this is not practical at scale. Additionally, when a record changes owner, this sharing information is lost. The lack of visibility this creates can be a liability if owners are sharing sensitive information without approval.
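One way to get the visibility the paragraph above says is missing is to pull the rows of a sharing table and inventory the ones whose reason is a manual share. The Python below is an added example written for this article, not Salesforce tooling: it runs over constructed rows shaped like a custom object's `__Share` table (the four columns `ParentId`, `UserOrGroupId`, `AccessLevel` and `RowCause`; the IDs are invented), reports manual shares per record and per grantee, and models what an owner change does to them.

```python
# Constructed rows shaped like an export of a custom object's __Share table.
# RowCause says why the row exists: Owner, Rule (a sharing rule) or Manual.
SHARE_ROWS = [
    {"ParentId": "a01-100", "UserOrGroupId": "u-carol", "AccessLevel": "All", "RowCause": "Owner"},
    {"ParentId": "a01-100", "UserOrGroupId": "u-dave", "AccessLevel": "Edit", "RowCause": "Manual"},
    {"ParentId": "a01-100", "UserOrGroupId": "g-dealdesk", "AccessLevel": "Read", "RowCause": "Rule"},
    {"ParentId": "a01-200", "UserOrGroupId": "u-bob", "AccessLevel": "All", "RowCause": "Owner"},
    {"ParentId": "a01-200", "UserOrGroupId": "u-erin", "AccessLevel": "Read", "RowCause": "Manual"},
    {"ParentId": "a01-200", "UserOrGroupId": "u-frank", "AccessLevel": "Edit", "RowCause": "Manual"},
]


def manual_share_report(rows):
    """record id -> list of (grantee, access level) for every manual share on that record."""
    report = {}
    for row in rows:
        if row["RowCause"] == "Manual":
            report.setdefault(row["ParentId"], []).append((row["UserOrGroupId"], row["AccessLevel"]))
    return report


def manual_access_by_grantee(rows):
    """grantee -> sorted list of records it reaches only through manual shares.

    This is the view an approver needs: which users hold access that no sharing
    rule or hierarchy explains.
    """
    reach = {}
    for row in rows:
        if row["RowCause"] == "Manual":
            reach.setdefault(row["UserOrGroupId"], set()).add(row["ParentId"])
    return {grantee: sorted(records) for grantee, records in reach.items()}


def transfer_owner(rows, record_id, new_owner_id):
    """Model an owner change: the Owner row moves to the new owner and manual shares on
    that record are discarded. Returns (remaining_rows, dropped_rows) so the dropped
    grants can be logged or re-approved rather than silently forgotten."""
    kept, dropped = [], []
    for row in rows:
        if row["ParentId"] != record_id:
            kept.append(row)
        elif row["RowCause"] == "Manual":
            dropped.append(row)
        elif row["RowCause"] == "Owner":
            kept.append({**row, "UserOrGroupId": new_owner_id})
        else:
            kept.append(row)
    return kept, dropped


if __name__ == "__main__":
    print(manual_share_report(SHARE_ROWS))
    remaining, lost = transfer_owner(SHARE_ROWS, "a01-200", "u-grace")
    print("manual shares lost on transfer:", [(r["UserOrGroupId"], r["AccessLevel"]) for r in lost])
```

Running the report before an ownership transfer, and keeping the `dropped_rows` it returns, turns the silent loss described above into a record that can be reviewed and, where still justified, re-granted under approval.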

Audit Regularly and Watch for Vulnerabilities

As with any system, you should make sure to regularly audit your configurations and settings. Audits can help you identify configurations that have been changed manually or automatically due to updates. They also help you identify users or roles that are no longer valid and should be removed. Auditing can also reveal inefficiencies in your current roles and groups and point to how they can be streamlined or refined.

It is also a good idea to regularly check for Salesforce security vulnerabilities in a vulnerability database, and take action if necessary. There is also a standard Salesforce procedure that allows you to perform a full security assessment and penetration test of the Salesforce platform to ensure it meets your security requirements.

Session Settings

Session settings provide you control over individual user sessions, including verification and timeout settings. Verification settings enable you to specify whether or not multi-factor authentication is needed. This is activated via the “Raise session to high assurance” setting. This feature is available for a variety of data and services, including reports, dashboards, and connected applications. 

Timeout settings enable you to define how long a session stays authenticated and how long inactive sessions should persist. When setting this, you need to find a balance between convenience and security. You don't want your users to have to log in every thirty minutes, but you also don't want sessions to remain active for hours after a user is done with the system for the day.
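The two session controls described above, inactivity timeout and the high-assurance requirement for sensitive resources, are easiest to reason about as one authorization decision per request. The Python below is an added example written for this article, not Salesforce code; the policy values, the resource names and the `Session` class are assumptions, and step-up is modelled as a flag set only after a second factor has been verified.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

# Constructed session policy; the timeout and the resource list are illustrative choices.
SESSION_POLICY = {
    "inactivity_timeout": timedelta(hours=2),
    "high_assurance_resources": {"reports", "dashboards", "connected_app"},
}


@dataclass
class Session:
    user: str
    last_activity: datetime
    assurance: str = "standard"   # becomes "high" after a multi-factor step-up


def session_state(session, now, policy=SESSION_POLICY):
    """'active' while the idle gap stays within the inactivity timeout, otherwise 'expired'."""
    if now - session.last_activity > policy["inactivity_timeout"]:
        return "expired"
    return "active"


def authorize(session, resource, now, policy=SESSION_POLICY):
    """Decide a request: expired sessions re-authenticate; sensitive resources need high assurance."""
    if session_state(session, now, policy) == "expired":
        return "re-authenticate"
    if resource in policy["high_assurance_resources"] and session.assurance != "high":
        return "step-up required"
    session.last_activity = now   # any accepted request resets the inactivity clock
    return "allowed"


def step_up(session, mfa_verified):
    """Raise the session to high assurance only after the second factor is verified."""
    if mfa_verified:
        session.assurance = "high"
    return session.assurance


if __name__ == "__main__":
    start = datetime(2024, 1, 8, 9, 0)
    s = Session("carol", start)
    print(authorize(s, "contacts", start + timedelta(minutes=30)))   # allowed
    print(authorize(s, "reports", start + timedelta(minutes=31)))    # step-up required
    step_up(s, mfa_verified=True)
    print(authorize(s, "reports", start + timedelta(minutes=32)))    # allowed
    print(authorize(s, "contacts", start + timedelta(hours=3)))      # re-authenticate
```

Note that a refused step-up does not touch `last_activity`: a session that only ever bounces off protected resources still ages out on the normal inactivity clock, so the timeout and the assurance check do not weaken each other.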

Shield Platform Encryption

Shield Platform Encryption is a natively integrated service that enables you to encrypt your data in transit or at rest. You can use it to extend the built-in encryption that comes with Salesforce by default.

With Shield Platform you can encrypt a range of data, including:

  • Fields—includes a range of standard and custom fields
  • Files—includes attachments, notes, PDFs, and images
  • Data elements—includes analytics, search indexes, Chatter feeds, and Change Data Capture information

Shield Platform Encryption works via keys managed either by you or Salesforce. If you use Salesforce managed keys, you can create keys based on a master secret and organization-defined key material. If you wish to manage your own keys, you can use the Cache-Only Key Service to fetch the key as needed. 

Apply the Principle of Least Privilege

When creating permissions, access controls, and roles, be sure to enforce the principle of least privilege. This principle specifies that users receive only the minimum access needed to do their job. These limitations help reduce the damage that users can cause accidentally or on purpose, and they also limit what compromised credentials can reach.

Conclusion

Salesforce provides you with the majority of the features and tooling needed for basic security. The organization level enables you to configure access control, the object level covers profiles and permissions, the field level restricts access to fields, and the record level enables you to create a record access hierarchy.

Once you configure your security settings, you should set up sharing procedures, audit regularly, configure and monitor session restrictions, encrypt data, and apply the principle of least privilege.