Cleveland Salesforce Developer Group
Security Check
Are you ready for MFA in February?
#CLESFDevs
Agenda
● Welcome/Intro
● Achievements
● Today’s Topic: MFA
● Announcements & Upcoming Local Events
Lynda Kane
Co-Leader @labboopanda
Orlando Briceno-Gomez
Co-Leader @orlybg
Achievements
Who has earned a certification or superbadge in Oct, Nov, Dec, or Jan?
Who has started a new job since September 2021?
Who is new to the Cleveland Salesforce Developer Group?
Anything else to share?
Security Check: Are you Ready for MFA?
Background: Salesforce MFA Requirement
Announcement from 2/2021: “beginning February 1, 2022, Salesforce will begin requiring customers to enable MFA in order to access Salesforce products”
• Supply 2 or more pieces of evidence when logging into systems
• Something you know (username and password) AND something you possess (authenticator app or security key)
• Threats to system security are on the rise globally and constantly evolving; MFA enhances login security
All Salesforce Products
• Sales Cloud, Service Cloud, Experience Cloud, Marketing Cloud, Pardot, MuleSoft, Quip…
• Directly in Salesforce products or within the SSO you have set up for your Salesforce product (must be turned on in SSO products too)
Background: Security Threat Landscape
Many organizations are still password-centric and MFA can help
• As of March 2020, 70% of all organizations still rely on password-centric authentication for logins
• 81% of all breaches are because of stolen or weak passwords
• According to Google, even one of the weakest forms of two-factor authentication—two-step verification through SMS text messages—can stop 100% of all automated attacks, 96% of bulk phishing attacks, and three-quarters of targeted attacks.
• SMS isn’t going away but WebAuthn became the W3C official standard in 2019.
WebAuthn (https://webauthn.guide/)
• Part of the FIDO 2 framework
• Adopted by all current major Web Browsers and mobile device operating systems
• Includes Authenticator Apps, Security Keys, and in-computer services (like Windows Hello)
Background: Really, How bad are user passwords?
According to NordPass, the top 10 most common (worst) passwords of 2021 were:
• 123456, 123456789, 12345, qwerty, password, 12345678, 111111, 123123, 1234567890, 1234567
• Popularly used in passwords: Names (people love to use their own name); Onedirection & Metallica (both common bands to be used in passwords); Liverpool (sports teams are also popular); Ferrari & Porsche (car brand names also make poor passwords); Dolphin (#1 animal used in passwords); #!@? (men use swear words in passwords more often than women - but women use “iloveyou”)
Password Hygiene Basics
• Longer is better, at least 12 characters and a mix of cases, letters, numbers, symbols (better yet, use a password generator)
• Don’t reuse or use for multiple accounts
• Change passwords at least every 90 days
• Regularly assess password health (https://www.security.org/how-secure-is-my-password/, https://www.passwordmonster.com/, http://www.passwordmeter.com/)
• Use a password manager (LastPass, KeePass, Keeper, Zoho Vault, 1Password)
Salesforce MFA Requirement
Environments
• Production: YES
• Sandboxes: MAYBE (Recommended), Required for B2C Commerce Cloud sandboxes
• Scratch Orgs: NO
• Trailhead Playgrounds: NO
• Developer Orgs: MAYBE (Recommended)
• Experience Cloud (non-Internal licenses): NO
MFA Options
• Salesforce Authenticator
• TOTP (Microsoft Authenticator, Google Authenticator, DUO, and others)
• Security Key (YubiKey, need to enable in Session Settings for Platform)
• Built-in authenticator like Windows Hello or Touch ID (Beta, need to enable in Session Settings)
• SSO-provided MFA (if your SSO doesn’t use MFA, you must use a Salesforce provided option)
Salesforce MFA Requirement
Things to Know
• Users can have multiple MFA methods
• For Platform, only 1 TOTP (can’t do both Microsoft Authenticator AND Google Authenticator)
• If a user has Salesforce Authenticator, they can enroll in Lightning Login (passwordless, use the app to log in)
• If you’re using SSO, enable Delegated Authentication to see the Is Single Sign-On Enabled system permission for Profiles and Permission Sets (when checked, users cannot log in with a Salesforce username/password - Salesforce no longer manages their credentials, your SSO is the only option)
• Can assign MFA to users via Profile or Permission Set with System Permission: Multi-Factor Authentication for User Interface Logins
• Security Key Known Issue with Chrome:
https://trailblazer.salesforce.com/issues_view?id=a1p4V000002CKpfQAG
MFA List View
https://help.salesforce.com/s/articleView?id=sf.security_monitor_verification_methods.htm&type=5
Fields to add:
● Salesforce Authenticator
● Time-Based One-Time Password App
● U2F Security Key
● Admin Trusted Mobile Number
● User Verified Email
● User Verified Mobile Number
● Temporary Code
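Added example (not from the original slides or from Salesforce): a rollout-readiness audit over a CSV export of a Users list view that carries the fields listed above. The CSV layout, the true/false cell values, the optional "Is Single Sign-On Enabled" column, the sample users, and the choice to count only the three methods that also appear under "MFA Options" as MFA are assumptions.

```python
import csv
import io

# Column labels follow the list-view fields named on the slide.
# Assumption: only the methods that also appear under "MFA Options" count as MFA.
MFA_METHODS = (
    "Salesforce Authenticator",
    "Time-Based One-Time Password App",
    "U2F Security Key",
)
# Assumption: these fields are identity verification only, not MFA methods.
VERIFICATION_ONLY = (
    "Admin Trusted Mobile Number",
    "User Verified Email",
    "User Verified Mobile Number",
    "Temporary Code",
)
SSO_COLUMN = "Is Single Sign-On Enabled"  # optional column (assumption)

# Constructed sample export; the users are made up.
SAMPLE_EXPORT = """\
Username,Salesforce Authenticator,Time-Based One-Time Password App,U2F Security Key,Admin Trusted Mobile Number,User Verified Email,User Verified Mobile Number,Temporary Code,Is Single Sign-On Enabled
alice@example.com,true,false,true,false,true,true,false,false
bob@example.com,false,false,false,false,true,true,false,false
carol@example.com,false,false,false,false,false,false,false,true
dave@example.com,false,false,false,false,false,false,false,false
erin@example.com,false,TRUE,false,false,true,false,true,false
"""

_TRUE = {"true", "yes", "1"}
_FALSE = {"false", "no", "0", ""}


def _flag(row, column):
    """Parse a checkbox cell; blank or missing cells count as unchecked."""
    value = (row.get(column) or "").strip().lower()
    if value in _TRUE:
        return True
    if value in _FALSE:
        return False
    raise ValueError(
        f"{row.get('Username')!r}: unexpected value {value!r} in {column!r}"
    )


def classify(row):
    """Return (status, fields that put the user in that status)."""
    methods = [m for m in MFA_METHODS if _flag(row, m)]
    if methods:
        return "mfa_registered", methods
    # SSO-only users have no Salesforce-managed login; MFA has to be
    # confirmed at the SSO provider, so they get their own bucket.
    if SSO_COLUMN in row and _flag(row, SSO_COLUMN):
        return "sso_managed", []
    fallback = [f for f in VERIFICATION_ONLY if _flag(row, f)]
    if fallback:
        return "verification_only", fallback
    return "nothing_registered", []


def audit(export_text):
    """Bucket every user and compute coverage for direct (non-SSO) logins."""
    reader = csv.DictReader(io.StringIO(export_text))
    required = ("Username",) + MFA_METHODS + VERIFICATION_ONLY
    missing = [c for c in required if c not in (reader.fieldnames or [])]
    if missing:
        raise ValueError(f"export is missing columns: {missing}")
    buckets = {
        "mfa_registered": [],
        "sso_managed": [],
        "verification_only": [],
        "nothing_registered": [],
    }
    for row in reader:
        status, _ = classify(row)
        buckets[status].append((row["Username"] or "").strip())
    direct = sum(len(v) for k, v in buckets.items() if k != "sso_managed")
    pct = round(100 * len(buckets["mfa_registered"]) / direct, 1) if direct else None
    return {"buckets": buckets, "direct_login_coverage_pct": pct}


if __name__ == "__main__":
    report = audit(SAMPLE_EXPORT)
    for status, users in report["buckets"].items():
        print(f"{status}: {', '.join(users) or '-'}")
    print("direct-login MFA coverage:", report["direct_login_coverage_pct"], "%")
```

Users in verification_only and nothing_registered are the ones to target in a registration campaign; users in sso_managed need their MFA confirmed in the SSO product instead.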
Multi-Factor Authentication Dashboard
A comprehensive dashboard for monitoring and reporting on multi-factor authentication (MFA) adoption and usage in your Salesforce org. This package includes the following features:
MFA view: See who has registered identity verification methods, and perform actions like disconnecting methods and generating temporary verification codes.
Dashboard and Reports: Audit verification activities in your org, and track verification method registration progress.
MFA Registration Email Template: Integrate this template with the Mass User Email tool to create an MFA registration campaign for your rollout.
https://appexchange.salesforce.com/appxListingDetail?listingId=a0N3A00000EFmcXUAT
MFA Dashboard
MFA Rollout Pack
https://security.salesforce.com/resources/mfa-rollout-pack
Our Adventures with MFA
Lynda - Employer
• Sales Cloud - SSO with MFA and Delegated Authentication for Production, Full & Partial Sandboxes
• Salesforce MFA Enabled for Developer Pro & Developer Sandboxes
• Salesforce MFA Enabled for Marketing Cloud
Lynda - Developer Orgs
• Salesforce MFA Enabled for Developer Accounts
• Multiple Methods of MFA (Salesforce Authenticator, Microsoft Authenticator, YubiKey)
Orlando - Employer
• No SSO
• Implementing MFA in Sales Cloud for PROD & FULL
• Salesforce MFA Enabled for Marketing Cloud
Orlando - Developer Orgs
• What are you doing?
Adding Additional MFA Methods
Add a TOTP (after Salesforce Authenticator)
Add a Security Key (after Salesforce Authenticator)
Lightning Login
https://help.salesforce.com/s/articleView?id=sf.security_ll_enable.htm&type=5
Quiz Time (and SWAG signup)
https://forms.gle/XzXC2v4rQDeAVHhx6
Announcements & Upcoming Events
https://100daysoftrailhead.com/
Cleveland #SalesforceSaturday
Starting again next week at local coffee shops.
Posted to the Collaboration Group, LinkedIn, & Twitter.
Join our Community Group in Trailhead! (Cleveland #Salesforce Saturday)
Job Seeking or Hiring:
Are you seeking a new position or looking for a new member for your team? Let us know. We can also post in our Trailblazer Community Group on Trailhead!
CLE Devs: Security Check Readiness for MFA
