A Look at Salesforce’s Top Data Security Trends for 2022

See highlights from the report and how S4 can help improve your security

Salesforce recently released their Top Data Security Trends for 2022 report, which provides insights from 300 North American IT leaders across regulated and non-regulated industries. The report focuses on 4 main areas: The security challenges of a distributed workforce, three main security threats to get ahead of, three must-have tools for data security and the tactics every company should focus on.

Distributed Workforces

As more employees work remote, new security and compliance challenges arise. According to respondents, the top two pain points in managing data security include:

  1. 3rd-party security management (59%)
  2. Keeping up with compliance regulations (53%)
Luckily with S4, companies can help mitigate these concerns with its 3rd-party application scanning capabilities and compliance overlay reporting. S4 can surface exploitable vulnerabilities in 3rd-party apps quickly and in an automated fashion.  Additionally, S4’s reporting shows you which vulnerabilities are causing you to be non-compliant against a multitude of regulatory standards, including GDPR, HIPAA, PCI DSS, ISO 27001 and APPI.

3 Main Security Threats

What are the top 3 IT security concerns? The report shows it to be Phishing, Ransomware & DOS and DDOS attacks (tie) and accidental insider breach. While S4 can’t solve for phishing, ransomware or DOS attacks, it can help with catching vulnerabilities accidentally created by employees. S4’s Cloud Security Configuration Review scans against a known list of Salesforce misconfigurations (content security policy, password settings, access controls, etc.) to help surface internal user mistakes.  

3 Must-Have Tools

To win the battle against cyber threats, you need the right ammo (tools). In this case, the most powerful tools IT leaders use for security are data encryption, identity and access control and multifactor authentication. These are absolutely necessary tools that will help keep your data safe. But a tool like S4 should also be a must-have for any Salesforce user because it addresses risk created WITHIN your Org from legitimate customization and development.
 
What happens when your authorized team member makes a change or writes a line of code that inadvertently creates a vulnerability? The answer is it usually goes undetected and only surfaces when it’s been exploited. And because of the Shared Responsibility Model, you are responsible (not Salesforce) for any risk you create from your customizations and development. This is why companies need proactive security testing from tools like S4 to stay on top of risk created from within.

Looking Ahead

The report ends with the security tactics to look ahead to in 2022. Those include:
  • Ensuring you have the right security tools
  • Keeping employees vigilant
  • Backing up your data
  • Investing in emerging technologies

All are great points, with the last one being a nod to emerging technologies like S4. As threats continue to increase, a shift to PROACTIVE Salesforce security instead of REACTIVE is needed and tools like S4 are emerging as leaders in that charge.

Andy Montoya

Andy Montoya

DigitSec

DigitSec brings four scans to protect Salesforce: Source Code Analysis, Custom Runtime Testing, Software Composition Analysis, & Cloud Security Configuration Review. #DevOps

Recent Posts

Sign up for our Newsletter

Get security tips sent to your inbox.

Sign up to get updates and security insights from DigitSec