Eric from CloudLock here, and today we’re going to talk about cloud security considerations within the Salesforce platform.
Salesforce does a tremendous job of securing the platform and infrastructure itself. Today, I’m focusing on the behavioral aspect of cloud security: we know user activities are considered a top source of data breaches. Let’s dive into three considerations.
Data Extraction refers to users accessing data within the Salesforce environment and then extracting the data for (perhaps) nefarious purposes. Do we have individuals extracting information that is crucial to the organization, intellectual property for instance, and then doing something with it? We typically see this kind of activity before an employee leaves an organization, as they want to obtain customer lists or other confidential information for their own use.
Inadvertent Misuse. This could be a range of activities, such as support personnel putting sensitive customer information in fields readable by the entire organization.
Compliance and Audit. Do we have a payment card information (PCI) audit, or concerns around PCI information exposed in Salesforce, or is there other personally identifiable information (PII) making its way into Salesforce?
There are two primary schools of thought regarding the ways to approach these considerations.
Traditional approaches often depend on appliances and software: an in-band or man-in-the-middle deployment, or software agents. Other approaches require a network reconfiguration, as with a reverse proxy.
These old-school approaches don’t really fit into today’s cloud world. They can be very cumbersome for the user and have an impact on business productivity at large.
On the other hand, looking at a cloud-native, API-based approach, security teams can deploy very simply, with minimal impact on the end user, and take advantage of full coverage, including cloud-to-cloud traffic that traditional approaches miss entirely.
Ready for More?
Our eBook, “5 Things You Think You Know About Salesforce Security”, discusses the all-too-common misunderstandings administrators and security professionals may have about Salesforce security. Read the eBook to learn:
- Why security at the infrastructure and platform levels just isn’t enough
- How you can balance Salesforce’s access benefits while protecting your sensitive data on the platform
- Tips to manage the risk of data exposure – whether through insecure devices, third-party apps, or just risky collaboration practices