Nerd @ Work

When Salesforce is life!

Author: Gilad David Maayan

Salesforce Data Management 101: Know Your Storage

By

On May 15, 2020

In Post

Today’s guest post is delivered by Gilad David Maayan, a technology writer who has worked with over 150 technology companies including SAP, Samsung NEXT, NetApp and Imperva, producing technical and thought leadership content that elucidates technical solutions for developers and IT leadership.

When developing an app, you need to know how data is stored, structured, and organized. This information is crucial when building, maintaining, and updating your software. It can also help you understand what are the capabilities of this build, how far you can take it, and when it will need to be scaled up. 

In Salesforce, you can use two types of storage for data and for files, but there are five methods designed for specific use cases — files, CRM, documents, attachments, and knowledge. In this article, you will learn how storage works in Salesforce, including tips to help you avoid hitting your storage limits.

How Data is Stored in Salesforce

When working with Salesforce, there are several reliable and efficient ways to store your data. This includes media files, customer profiles, documents, and presentations. This storage is broken down into two types — data and file. 

Data storage includes many fields, such as accounts, cases, custom objects, events, opportunities, and notes. This data is automatically stored within the Salesforce database and you do not have individual control over where specific items go. 

File storage includes attachment files, customer content, media, Chatter files, documents, and custom files in Knowledge articles. This content you can individually control depending on how it is created and attached. Below are the five methods you can use for file storage.

Files

Salesforce Files is a storage location you can use to store any type of file. Salesforce has positioned it to replace most of the following methods as it offers more features and functionality. Files enables you to follow specific files, generate links, share files with users or groups, and collaborate on files. In Files, each file can be up to 2GB. 

Customer relationship management (CRM) content

Salesforce CRM content is where you can store files that you want to publish and share with coworkers and customers. For example, presentations or content packs. This can include marketing files, document templates, media, or support files. This storage type supports files up to 2GB although this drops to 10MB depending on how you upload data. 

Documents

Documents storage enables you to store a variety of web resources, including logos, email templates, and Visualforce materials. When files are stored here, you do not have to attach data to specific records. In Documents, files can be up to 5MB.

One thing to keep in mind — if you are using an older version of Salesforce Documents storage is still available. However, if you are using Lightning Experience, this functionality has been replaced by Files. When you update your Salesforce, you need to convert your Documents to Files before you can access your data. 

Attachments

Attachments is a storage area you can use for files that you want to attach to specific records. For example, marketing campaigns, cases, or contact information. The downside of Attachments is that you can’t share files with links and do not have access to version control. In Attachments, files can be up to 25MB and feeds can be up to 2GB.

Knowledge

Knowledge is a storage area you can use to create and store knowledge base articles. These files can be searched by internal users and shared with customers through your portals or Lightning Platform Sites. In Knowledge, each article can be up to 5MB.

How to Avoid Hitting Your Storage Limits in Salesforce

Regardless of how you store and manage your files in Salesforce, you need to be aware of what your storage limits are and how to make the most of those limits. You should also be aware of what alternative options you have to expand your storage. 

Storing data outside of Salesforce

Sometimes, the most practical option is to store some of your data outside of Salesforce. One reason for this is your storage limits. In Salesforce you are allowed:

  • Data storage—10GB of base storage plus 20MB of storage per user. If you are using Performance or Unlimited versions, user storage is 120MB per. However, the Developer, Personal, or Essentials versions follow different rules with no user data and 5MB, 20MB, and 10GB respectively.
  • FIle storage—for most plans you get 10GB per organization and from 612MB to 2GB per user. For the Developer and Personal plan you get 20MB, and for Essentials you get 1GB. No user data is provided for these plans.

Even if your data is still within storage limits, keeping redundant or unnecessary data in Salesforce can cause issues, including:

  • Degraded performance
  • Inaccurate reporting
  • Inefficient searches

To avoid these issues and ensure that your limits are not exceeded, you might consider adopting a cloud storage service. These services can provide scalable, cheap storage that you can connect with API or third-party extensions to your Salesforce system. 

For example, Azure File Storage by NetApp can provide a standard file system format that you can use from anywhere, including hybrid systems. Or, AWS S3 services can be connected for unstructured storage and any type of data. 

Cleaning up unwanted data

Maybe you do not want to store data outside of Salesforce or you have already moved data but still want to improve storage efficiency. In these cases, you can focus on cleaning your data. You can do this either manually or automatically depending on the type of data you’re trying to eliminate. 

For manual clean-up, Salesforce provides a native deletion wizard. You can use this wizard to eliminate old accounts, contacts, activities, leads, or cases. To identify data that is safe to remove you can run a report to see when data was last used and eliminate things before a certain date. Or, you can individually delete data as users inform you it’s no longer accurate.

Another option is to use extract, transform, load (ETL) tools to pull your data, process it (removing unnecessary data), and load the remaining data back in. This option enables you to script clean-up based on whatever parameters you’d like. However, it can be a lengthy process and requires the help of external tools, such as Salesforce Data Loader or Informatica.

Archiving data

During your data downsizing, you will probably find data that you no longer need in your system but that you don’t want to delete. For example old client files that you need to keep for compliance, historical customer reports, or knowledge base articles for legacy products or services. 

If you have data like this that you want ‘just in case’, archiving is your best option. Archiving enables you to export data from your system, compress it for efficiency, and store it wherever you prefer. 

Often, the previously mentioned cloud services are a good option for this. Many services have cold storage tiers available that are much cheaper than on-premise storage. These services enable you to store large volumes of data that you rarely need to access and can eliminate worries about data corruption or loss due to hardware failure

Conclusion

Salesforce comes with a specific data management build that you need to comply with. The two basic data types are data and files, and these are sorted further into five organizational types — files, CRM, documents, attachments, and knowledge. However, you do not have to use all of these. Recent Salesforce change enables you to store most of these elements as files. 

Whichever structure you choose, be sure to continually monitor and optimize your storage. Adding monitoring on a regular basis can help you optimize both performance and billing. To avoid hitting your storage limit, you can store data outside of Salesforce, clean up unwanted data, and archive cold data. 

How to Secure Salesforce Workloads: Tips and Best Practices

By

On March 28, 2020

In Post

Today’s guest post is delivered by Gilad David Maayan, a technology writer who has worked with over 150 technology companies including SAP, Samsung NEXT, NetApp and Imperva, producing technical and thought leadership content that elucidates technical solutions for developers and IT leadership.

Salesforce provides security controls for your data, categorized according to organization, object, field, and record level. To properly secure your Salesforce workloads, you must first understand the Salesforce data security model, as explained in this article. You will also learn tips and best practices for data sharing, auditing, session configuration, and encryption.

Salesforce Data Security Model

Within Salesforce, you have full control over what information users can access. This extends to articles, records, and individual fields. Each security concern is categorized into a level, which enables you to control certain aspects of security.

Organization Level Security

Organization level security settings enable you to determine who has access to your Salesforce system, including from where and when.

At the organizational level, you can define:

  • IP restrictions—determines what IP addresses users can access data from.
  • Login access—determines timeframes when users can access data.
  • Password policies—determines the life cycle of passwords, required complexity levels, and reusability. 

Object Level Security

Object level security settings enable you to guide how objects are handled, including creation, access, and modification.

At the object level, you can define:

  • Profiles—determines who is allowed to do what with objects. This is based on individual users with individual create, read, edit, delete (CRED) settings. 
  • Permission sets—enables you to extend permissions granted to user profiles in a standardized way.

Field Level Security

Field level security settings enable you to restrict specific fields according to user profile. For example, you can determine who can see an employee’s compensation information. For those without permission, this information is hidden from view or access.

Record Level Security

Record level security settings enable you to determine how and by whom records are accessed or shared. 

At the record level, you can define:

  • Organization-wide sharing defaults—determines how freely records can be accessed if profile permissions are not defined. 
  • Role hierarchy—enables you to grant tiered permissions. This grants higher level users, such as supervisors, access to all data of the users below them. 
  • Sharing rules—determine how you can share information and who with. You can use these rules to define lateral sharing or to allow access outside your organization.
  • Manual sharing—enables you to grant record limited sharing permissions. For example, if only one specific user needs access to a record. 

Salesforce Security Best Practices

When configuring or auditing your data security settings, there are several best practices you should apply. These practices can help you increase the overall security of your data and ensure that customer and employee privacy is protected.

Data Sharing

Data sharing policies often aren’t used exclusively for security purposes but these policies can significantly impact security.

For example, you should carefully choose between hierarchical sharing and use of Public Groups. Keep in mind that hierarchical sharing provides a higher tier user access to all data of those below them. In contrast, Public Groups enable you to define sharing rules regardless of where users fall in a larger hierarchy. 

You should also take care with how you allow owner sharing. When records are shared manually by owners you have limited ability to track who has access. You can use the Developer Console to manually identify which records are shared but this is not practical on a larger scale. Additionally, when records swap owners, this information is lost. The lack of visibility this creates can be a liability if owners are sharing sensitive information without approval. 

Audit Regularly and Watch for Vulnerabilities

As with any system, you should make sure to regularly audit your configurations and settings. Audits can help you identify configurations that have been changed manually or automatically due to updates. It helps you identify users or roles that are no longer valid and that should be removed. Auditing can also help you identify inefficiencies in your current roles and groups and point to how these aspects can be streamlined or refined. 

It is also a good idea to regularly check for Salesforce security vulnerabilities in a vulnerability database, and take action if necessary. There is also a standard SalesForce procedure that allows you to perform a full security assessment and penetration test of the SalesForce platform to ensure it meets your security requirements.

Session Settings

Session settings provide you control over individual user sessions, including verification and timeout settings. Verification settings enable you to specify whether or not multi-factor authentication is needed. This is activated via the “Raise session to high assurance” setting. This feature is available for a variety of data and services, including reports, dashboards, and connected applications. 

Timeout settings enable you to define for how long a session is authenticated and for how long inactive sessions should persist. When setting this, you need to find a balance between convenience and security. You don’t want your users to have to log-in every thirty minutes but you also don’t want sessions active for hours after a user is done with the system for the day. 

Shield Platform Encryption

Shield Platform Encryption is a natively integrated service that enables you to encrypt your data in-transit or at-rest. You can use it to extend the built-in encryption that comes with Salesforce by default. 

With Shield Platform you can encrypt a range of data, including:

  • Fields—includes a range of standard and custom fields
  • Files—includes attachments, notes, PDFs, and images
  • Data elements—includes analytics, search indexes, Chatter feeds, and Change Data Capture information

Shield Platform Encryption works via keys managed either by you or Salesforce. If you use Salesforce managed keys, you can create keys based on a master secret and organization-defined key material. If you wish to manage your own keys, you can use the Cache-Only Key Service to fetch the key as needed. 

Apply the Principle of Least Privilege

When creating permissions, access controls, and roles, be sure to enforce the principle of least privilege. This principle specifies that only the minimum functional amount of access is provided. These limitations help reduce the damage that users can accidentally or purposely create. It also limits any access provided by compromised credentials. 

Conclusion

Salesforce provides you with the majority of the features and tooling needed for basic security. The organization level enables you to configure access control, object level is for profiles and permissions, field level restricts access to fields, and record level enables you to create a record access hierarchy. 

Once you configure your security settings, you should set up sharing procedures, audit regularly, configure and monitor session restrictions, encrypt data, and apply the principle of least privileges. 

Salesforce Commerce Cloud: Latest Features and Updates

By

On January 20, 2020

In Post

Today’s guest post is delivered by Gilad David Maayan, a technology writer who has worked with over 150 technology companies including SAP, Samsung NEXT, NetApp and Imperva, producing technical and thought leadership content that elucidates technical solutions for developers and IT leadership.

The consumers of 2020 want to access and purchase products and services anytime and anywhere. They are always connected and engage with e-commerce brands through chatbots, social media, and marketing emails. 

Consumers often expect to instantly find and buy the product they are looking for. This is why e-retailers want to create a smart, and easy shopping experience in every media channel. You can achieve these goals through the use of Salesforce Commerce Cloud.

Salesforce recently announced some new features in its Commerce Cloud platform. New features include artificial intelligence, inventory availability and more. Read on to explore some of these new features. 

What Is Salesforce Commerce Cloud?

Salesforce Commerce Cloud (SFCC) is a cloud-based e-commerce platform that lets you manage products, promotions, content, and pricing. From the operational point of view, the platform offers different functionalities over multiple channels like mobile, web, social, and store. SFCC integrates with your order fulfillment channel and with your back-office tools. 

Salesforce Commerce Cloud key features include:

  • Omni-Channel platform—SFCC integrates your physical store with your online store to improve customer experience and grow your business.
  • SaaS solution—SFCC is a SaaS solution that enables real-time access to information about your online and offline operations. 
  • Flexibility—SFCC enables customers to return products anywhere they want. In addition, shoppers can save time by paying online and picking up the product from the store.
  • E-commerce website management—SFCC provides a Content Management System (CMS), and Operations Management System (OMS). The e-commerce store does not require programming experts to work on the backend. SFCC provides a wide audience reach with compatibility to all popular operating systems like Windows, Android, and iOS.
  • Personalization—SFCC offers a personalized shopping experience by analyzing customer behavior. As a result, store owners can promote unique content that is appealing to specific users.
  • Seamless upgrades—Salesforce constantly rolls out many new features and updates. Updates are available in the administration panel and the installation does not require any technical intervention.
  • Internationalization—SFCC enables users to manage multiple stores from a single back-end. As a result, store owners can integrate things like multi-language and multi-currency. 

Newest Salesforce Commerce Cloud Features

Top-shelf shopping experiences are critical in the competitive e-commerce landscape. One way of doing so is through Artificial Intelligence (AI). That is why Salesforce recently integrated AI-powered features into the Salesforce Commerce Cloud. Below is a quick review of the newest Salesforce Commerce Cloud features and how they can transform e-commerce brands.

1) Einstein AI-Based Visual Search

The term visual search refers to a product search, which is run with a photo instead of text and keywords. Recent reports reveal that 62% of millennials prefer visual search over any other search technology. In addition, brands that offer voice and visual search will increase their revenue by 30% in 2021. The visual search market is estimated to reach $28.4 billion by 2027.

To address increasing customer expectations, Salesforce announced the Einstein Visual Search. Einstein is an AI-based feature that enables users to search, shop, and discover promotions through photos. Shoppers upload an image from their mobile device and the Einstein Visual Search automatically finds a visually similar product. 

An AI algorithm improves the search capability of Einstein when various users upload different images. SFCC enables image optimization and uploads from smartphones through services like Cloudinary. Retailers can extend the feature to include uploads from laptops or desktops.

2) Einstein Recommendation Engine

Recommendation engines enable retailers to offer the right product to the right customer at the right time. The result is an increased conversion rate and Customer Lifetime Value (CLV). Experts indicate that up to 31% of e-commerce store revenue comes from product offer personalization. Another report indicates that 35% of Amazon’s revenue comes from its recommendation engine. 

Formerly, the Einstein recommendation engine was only available in the SFCC storefront. The new update enables retailers to integrate Einstein recommendations beyond their e-commerce site through an API. Merchants can now personalize user experience on mobile apps and across customer service and marketing channels.

3) Inventory Availability Service

This new feature enables e-commerce sores to activate a fulfillment center and in-store inventory across multiple digital channels in real-time. As a result, retailers can use programs like buy online, browse by store or, pick-up in store.  The new feature also supports spike periods with high-volume requests like holidays.

4) Developer Sandboxes

Developer sandboxes isolate development work from your production environment until you are ready to deploy changes. Sandboxes provide a training environment for developers and enable them to test changes against users and versions of production data. You can set up a sandbox in minutes and deliver innovation to the e-commerce website faster. 

5) Commerce API Explorer

The new Commerce API Explorer allows developers to search across an API library and test different functions and calls. This new one-stop-shop for all Commerce APIs in a single portal and easy-to-use user interface allows developers to design and test new experiences more efficiently.

6) Salesforce Commerce Cloud Pricing Model

SFCC has recently changed its pricing model to a range that enables smaller merchants to use the platform. The new pricing is based on a Gross Merchandise Volume (GMV) model and offers three core options—Starter, Growth and Unlimited. GVM is the total gross revenue of an e-commerce store in a given period.

The Starter option is for single store retailers and stores with up to two price books. The pricing starts at 1% of GMV. The Growth option is for retailers with up to five stores and up to 10 price books. The pricing is set to 2% of GMV. The Unlimited option is for merchants with larger demands. 

The new pricing is more appealing because there are no significant ‘upfront’ license costs. However, this approach may not appeal to a niche business model or non-standard audiences. SFCC features are mainly focused on what the majority of B2C retailers find compelling.

Conclusion

Digital commerce is no longer just a shopping cart. In fact, 21.8% of the world’s population shops online, which makes online shopping responsible for 11.9% of all retail revenue worldwide. For this reason, retailers can leverage Salesforce Commerce Cloud to deliver enhanced shopping experience through AI-powered commerce services, APIs and a robust partner ecosystem. Some of the most well-known brands use Commerce Cloud, including Under Armour, Fila, GoPro and more.

For more info about the Commerce Cloud product click here.


Integrating Salesforce with AWS: A beginner’s guide

By

On December 23, 2019

In Post

Today’s guest post is delivered by Gilad David Maayan, a technology writer who has worked with over 150 technology companies including SAP, Samsung NEXT, NetApp and Imperva, producing technical and thought leadership content that elucidates technical solutions for developers and IT leadership.

Salesforce is a Platform as a Service (PaaS) that provides developers with cloud-based environments and resources for building and deploying cloud-based applications. The platform offers a number of modules, each provides different resources. 
AWS is a cloud computing vendor that offers a variety of cloud-based compute resources, such as object storage, data lakes, Artificial Intelligence (AI), and development resources. Salesforce and AWS are partners, and offer a number of connectivity options. 
This article provides an overview of Salesforce services and technology, and key integrations you can create to establish a connection between Salesforce and AWS.

Salesforce for Developers: Main Services

Below, you’ll find a brief overview of the main Salesforce offerings for developers.

Lightning Platform

A PaaS module geared for fast apps delivery. Lightning’s cloud architecture is based on multitenancy, which means you share cloud resources with other users. Lightning comes with ready-made solutions, automation processes, and API integrations. You can create your own customizations metadata fields and with Apex code.

Heroku 

A container-based cloud PaaS. It supports languages and frameworks such as Python, Clojure, Node.js, PHP, Java, Ruby, Scala, and Go. The main advantage of Heroku DX Developer Experience is the user-friendly dashboard, which provides easy-to-use metrics, and API and automation controls. 

You can extend the capabilities of Heroku with services such as Enterprise (with 24x7x365 support with a 30 minute SLA), and Elements (additional languages and services, fully managed services). You can also host your Heroku operations in a private cloud, while maintaining smooth integration with Salesforce.

Einstien

Einstein Platform Services provide Artificial Intelligence (AI) resources for Salesforce developers. The purpose of the platform is to make your applications smarter, as the name implies. To that end, Einstein provides the following services:

  • Einstein Vision—a computer vision module that enables image recognition
  • Einstein Language—a natural language processing module 

You can use Einstein Platform Services to train deep learning models in the cloud. As in any Salesforce service, it comes with APIs and Apex for integration and customization. Einstein Analytics enables AI-based data analyses.

Trailhead

A learning center for Salesforce skills, which offers a variety of educational modules. You can read guides, sign up for classes, and earn certifications. There are modules for companies, as well as a huge community-based hub. Everything is available online through the Trailhead website. 

Salesforce Technology

Salesforce uses metadata, APIs, and containers to enable its technology. To enable quick deployment and scaling, Salesforce runs Kubernetes in production on bare-metal throughout their cloud infrastructure. This kind of architecture enables Salesforce to provide fine-grained microservices for Salesforce end-users and developers alike.

You use containers to pack your apps, metadata to describe the structure of your development artifacts, and APIs to enable connectivity between Salesforce services, third-party vendors, and connected devices and technology. These three main technologies make the Salesforce app development process fast and simple. 

Salesforce and AWS Integrations

There are many use cases and integration methods. This section focuses on AWS, but you can find more information about Salesforce integration here.

1. Integrating Salesforce with Amazon S3

Amazon Simple Storage Service (Amazon S3) is an affordable object storage and archive offered by AWS. Typically, you would do this integration in order to build a data lake on S3. To move data from Salesforce to S3, you need to use the Amazon S3 connector. You’ll find more information here

2. Integrating Salesforce with Amazon Lambda

AWS Lambda is a serverless compute service for processing events. To do this integration, you need a Salesforce account and an AWS account. Once you set up your account, you need to create a connection between Salesforce and AWS API gateway. You do this by creating open authentication. Then, you need to configure the data flow, and “tell” Salesforce to subscribe to AWS Lambda events. Here’s a step-by-step guide that shows you how to do this integration.

3. Integrating Salesforce with Amazon Athena

Amazon Athena is a serverless interactive query service for performing S3 data analysis with standard SQL. This type of integration is more complex, because you would need to create more than one integration. First, you need to connect Salesforce with S3, then connect Salesforce with Lambda. Once you transfer data from Salesforce to S3, you’ll be able to query it using Athena. Here’s a guide that shows you how to do this.

4. Integrating Salesforce with AWS PrivateLink

AWS PrivateLink creates secure and private connectivity between AWS services, AWS-hosted on-prem apps, and Virtual Private Clouds (VPCs). This is a built-in AWS feature that enables integration between AWS and SaaS offerings from AWS Partner Network (APN) Partners, such as Salesforce. In May, Heroku Postgres via PrivateLink, which enables connectivity between private Heroku Postgres databases and AWS VPCs, was made generally available. This connection is easy and fast. You can learn how to create it here.

Conclusion

Secure and simple integration between your development PaaS and your cloud resources is vital for business continuity. You’re using these APIs to transfer data, listen to data, and establish connectivity between systems, devices, and networks.

Native integration is a major advantage, because it was created especially for the two connected points. Security is typically covered well in these scenarios, and the connection fits the two vendors (or in house services) in a way that necessitates little to no configuration. In other cases, like integration #3 in this article, you would need to set up the connection. 

Take the time to assess your situation, and find out what kind of integration you need. Experiment with free tiers, make use of community knowledge base, and keep security concerns in mind as you create your integrations. Data is valuable, and you don’t want just anyone listening on your connections.

Page 2 of 2

Previous

Powered by WordPress & Theme by Anders Norén