Salesforce is a versatile platform well suited for many businesses. It caters to industries from Financial Services, Healthcare & Life Sciences, Communications, Public Services and Retail.
Salesforce transformed organizations by enabling applications that power the core of business to be available as a SaaS. That transformation generated massive value for its customers. Not only does Salesforce provide a strong set of general capabilities straight out of the box, but it also allows Salesforce environments to be customized to each customer’s needs using code (Apex, LwC, VF) and integrations with other applications. This ability to be customized enables an almost limitless range of possibilities.
Getting security right for such a complex SaaS platform that can be extended as a PaaS can be daunting, to say the least. But Salesforce manages to do many things very well when it comes to security. Here are five aspects of security that Salesforce does well and which help to make it among the most secure SaaS offerings today:
1. Salesforce is secure by default.
Straight out of the box, Salesforce is very secure and locked down. Given that Salesforce came out of an era where there were publicly maintained lists of default accounts and passwords for some SaaS applications, it is encouraging to see a platform which starts in a secure state.
Platforms which start in an insecure state and then have to be locked down by customers put an immediate burden on users to perform an additional step that should have been done by the vendor in the first place. Opening up the Salesforce platform and making security decisions as part of the startup process makes it easy for customers. We recommend security evaluations and threat modeling prior to adding any feature or functionality that could violate security and compliance.
2. Salesforce uses the principle of least privilege.
Salesforce’s data model is based on the principle of least privilege. This means the platform starts with granting a user the minimum data privileges required to perform business functions. If more data access is needed, then those can be provisioned using permission sets and permission set groups. Moreover, it is possible to further enforce record level data access using fine-tuned sharing rules and role hierarchies. The data access management controls within Salesforce are quite robust but must be designed and implemented with security in mind.
3. Salesforce has inherent data exfiltration controls.
Out of the box, Salesforce does not have any outside access, which is often required for integration with other internal or external 3rd party systems. Integrating endpoints and servers securely with Salesforce is easy because it enforces both client side and server side data connections. On the server side, a Salesforce org can only make outbound connections to configured remote sites, integrated external services, and other allowed integrations. This ensures that Salesforce can only communicate with explicitly enabled remote services. Inbound server connections are limited to only enabled integrations via oAuth or other connected applications. On the client side, a Salesforce org is protected with Content Security Policies which only allow enabled domains to load content and thus have access to a Salesforce org. Moreover, additional controls like Cross-Origin Resource Policy limit which domains can make calls to a Salesforce org. These controls form the foundation of protection from data exfiltration attacks. All integrations should be closely reviewed and monitored to ensure that data flow is controlled.
4. Salesforce provides basic data encryption controls.
Salesforce provides the needed data encryption controls required to comply with data governance and security requirements. The platform ships with basic encryption capabilities which can be enhanced by using advanced encryption offered by the Shield platform. Salesforce also supports “bring your own key” to enable Salesforce customers to generate tenant specific keys which are given access to only the customer’s tenant environment. This ensures that customers have the added assurance that their secrets and confidential data are protected using tenant specific keys.
5. Salesforce provides detailed auditing and logging capabilities.
Salesforce audit trails are detailed and extensive, providing the much-needed ability to assess the real-time security events in a Salesforce org. In addition, the audit trail logs do not allow privileged users to overwrite or erase the logs to cover their tracks. This is often a key concern with many platforms and Salesforce has effectively addressed this by adding integrity to the auditing system. The setup audit trail logs are available for 180 days.
In an ever-changing threat environment, using a highly customizable SaaS platform like Salesforce requires strong security fundamentals. While the Salesforce platform offers many other security features, we wanted to highlight these 5 which makes Salesforce do well with security.
What’s your favorite Salesforce security feature? Drop us a line and share your experience.