SlideShare a Scribd company logo

Salesforce Security

S
SFSupport

This document discusses various security features in Salesforce including auditing, health checks, encryption, event monitoring, field audit trails, transaction security policies, login and field history monitoring, and Apex security. It explains that Salesforce and customers share responsibility to protect data. Regular audits should be done to detect potential abuse, and health checks can identify vulnerabilities. Features like encryption, event monitoring, and field audit trails provide security and compliance. Transaction policies can limit logins and data exports. Login and field histories along with setup change monitoring allow tracking of activity. Apex security requires enforcing user permissions, sharing rules, and SOQL permissions.

Technology
1 of 4
https://sfsupport247.com | Salesforce Training & Support | sfcontact.247@gmail.com Salesforce Security Leader in SF Training and Support 1
https://sfsupport247.com | Salesforce Training & Support | sfcontact.247@gmail.com Salesforce is built with security to protect your data and applications. Protecting your data is a joint responsibility between you and Salesforce. The Salesforce security features enable you to empower your users to do their jobs safelAuditing provides information about use of the system, which can be critical in diagnosing potential or real security issues. The Salesforce auditing features don't secure your organization by themselves; someone in your organization should do regular audits to detect potential abuse.y and efficiently. Salesforce Security 2 Phishing and Malware If you see something suspicious related to your Salesforce implementation, report it to security@salesforce.com, in addition to your own IT or security team. Trust starts with transparency. That’s why Salesforce displays real-time information on system performance and security at http://trust.salesforce.com and http://trust.salesforce.com/securit Security Health Check Salesforce admin can use Health Check to identify and fix potential vulnerabilities in your security settings, all from a single page. A summary score shows how your org measures against a security baseline, like the Salesforce Baseline Standard. You can upload up to five custom baselines to use instead of the Salesforce Baseline Standard. Auditing Auditing provides information about use of the system, which can be critical in diagnosing potential or real security issues. The Salesforce auditing features don't secure your organization by themselves; someone in your organization should do regular audits to detect potential abuse.
https://sfsupport247.com | Salesforce Training & Support | sfcontact.247@gmail.com Salesforce Security 3 Salesforce Shield Salesforce Shield is a trio of security tools that admins and developers can use to build a new level of trust, transparency, compliance, and governance right into business-critical apps. It includes Platform Encryption, Event Monitoring, and Field Audit Trail. Encrypt Fields, Files, and Other Data Elements With Encryption Policy, Filter Encrypted Data with Deterministic Encryption, Cache-Only Key Service, Platform Encryption - Encryption allows you to natively encrypt your most sensitive data at rest across all your Salesforce apps. Event Monitoring - gives access to detailed performance, security, and usage data on all your Salesforce apps. Every interaction is tracked and accessible via API, Field Audit Trail - lets you know the state and value of your data for any date, at any time. You can use it for regulatory compliance, internal governance, audit, or customer service. Transaction Security Policies When enabled Transaction Security for your org, two policies are created. 1) Concurrent User Session Limit policy to limit concurrent login sessions. -A user with five current sessions tries to log in for a sixth session. 2) Lead Data Export policy to block excessive data downloads of leads - Retrieves more than 2,000 lead records Monitoring Organizatio n’s Security Track login and field history, monitor setup changes, and take actions based on events. Monitor Login History, Field History Tracking, Monitor Setup Changes, Transaction Security Policies
https://sfsupport247.com | Salesforce Training & Support | sfcontact.247@gmail.com During the Apex programming, the security of Apex code is critical. Make sure to add user permissions for Apex classes and enforce sharing rules. Apex code generally runs in system context i.e. current user's permissions, field-level security, and sharing rules aren’t taken into account during code execution. Note: - Apex code execution for executeAnonymous block always executes using the full permissions of the current user. public with sharing class ClassName { ........... } public without sharing class ClassName{ ........... } Object-leve and Field Level permissions: Sharing rules are distinct from object-level and field-level permissions. They can coexist. If sharing rules are defined in Salesforce, you can enforce them at the class level by declaring the class with the with sharing keyword. SOQL Permissions: [SELECT Id, (SELECT LastName FROM Contacts), (SELECT Description FROM Opportunities) FROM Account WITH SECURITY_ENFORCED] [SELECT Id, parent.Name, parent.Website FROM Account WITH SECURITY_ENFORCED] Apex Security 4

Recommended

Secure Salesforce: CRUD / FLS / Sharing
Secure Salesforce: CRUD / FLS / SharingSecure Salesforce: CRUD / FLS / Sharing
Secure Salesforce: CRUD / FLS / SharingSalesforce Developers
 
Secure Salesforce: Code Scanning with Checkmarx
Secure Salesforce: Code Scanning with CheckmarxSecure Salesforce: Code Scanning with Checkmarx
Secure Salesforce: Code Scanning with CheckmarxSalesforce Developers
 
Secure Coding: Field-level Security, CRUD, and Sharing
Secure Coding: Field-level Security, CRUD, and SharingSecure Coding: Field-level Security, CRUD, and Sharing
Secure Coding: Field-level Security, CRUD, and SharingSalesforce Developers
 
Introduction to the Salesforce Security Model
Introduction to the Salesforce Security ModelIntroduction to the Salesforce Security Model
Introduction to the Salesforce Security ModelSalesforce Developers
 
Secure Coding: SSL, SOAP, and REST
Secure Coding: SSL, SOAP, and RESTSecure Coding: SSL, SOAP, and REST
Secure Coding: SSL, SOAP, and RESTSalesforce Developers
 
Secure Salesforce: Org Access Controls
Secure Salesforce: Org Access ControlsSecure Salesforce: Org Access Controls
Secure Salesforce: Org Access ControlsSalesforce Developers
 
Reading Summary - Software Requirements + Characteristics of Well Written Req...
Reading Summary - Software Requirements + Characteristics of Well Written Req...Reading Summary - Software Requirements + Characteristics of Well Written Req...
Reading Summary - Software Requirements + Characteristics of Well Written Req...Artemisa Yescas Engler
 
Navi Mumbai Salesforce DUG meetup on integration
Navi Mumbai Salesforce DUG meetup on integrationNavi Mumbai Salesforce DUG meetup on integration
Navi Mumbai Salesforce DUG meetup on integrationRakesh Gupta
 

Recommended

Secure Salesforce: CRUD / FLS / Sharing
Secure Salesforce: CRUD / FLS / SharingSecure Salesforce: CRUD / FLS / Sharing
Secure Salesforce: CRUD / FLS / SharingSalesforce Developers
 
Secure Salesforce: Code Scanning with Checkmarx
Secure Salesforce: Code Scanning with CheckmarxSecure Salesforce: Code Scanning with Checkmarx
Secure Salesforce: Code Scanning with CheckmarxSalesforce Developers
 
Secure Coding: Field-level Security, CRUD, and Sharing
Secure Coding: Field-level Security, CRUD, and SharingSecure Coding: Field-level Security, CRUD, and Sharing
Secure Coding: Field-level Security, CRUD, and SharingSalesforce Developers
 
Introduction to the Salesforce Security Model
Introduction to the Salesforce Security ModelIntroduction to the Salesforce Security Model
Introduction to the Salesforce Security ModelSalesforce Developers
 
Secure Coding: SSL, SOAP, and REST
Secure Coding: SSL, SOAP, and RESTSecure Coding: SSL, SOAP, and REST
Secure Coding: SSL, SOAP, and RESTSalesforce Developers
 
Secure Salesforce: Org Access Controls
Secure Salesforce: Org Access ControlsSecure Salesforce: Org Access Controls
Secure Salesforce: Org Access ControlsSalesforce Developers
 
Reading Summary - Software Requirements + Characteristics of Well Written Req...
Reading Summary - Software Requirements + Characteristics of Well Written Req...Reading Summary - Software Requirements + Characteristics of Well Written Req...
Reading Summary - Software Requirements + Characteristics of Well Written Req...Artemisa Yescas Engler
 
Navi Mumbai Salesforce DUG meetup on integration
Navi Mumbai Salesforce DUG meetup on integrationNavi Mumbai Salesforce DUG meetup on integration
Navi Mumbai Salesforce DUG meetup on integrationRakesh Gupta
 
Managing Application Compatibility In Windows 7
Managing Application Compatibility In Windows 7Managing Application Compatibility In Windows 7
Managing Application Compatibility In Windows 7Vijay Raj
 
Secure Salesforce: External App Integrations
Secure Salesforce: External App IntegrationsSecure Salesforce: External App Integrations
Secure Salesforce: External App IntegrationsSalesforce Developers
 
Lightning Components: The Future
Lightning Components: The FutureLightning Components: The Future
Lightning Components: The FutureSalesforce Developers
 
Easy REST Integrations with Lightning Components and Salesforce1
Easy REST Integrations with Lightning Components and Salesforce1Easy REST Integrations with Lightning Components and Salesforce1
Easy REST Integrations with Lightning Components and Salesforce1Salesforce Developers
 
Reducing Outages and Degradations With Proactive Application Performance Moni...
Reducing Outages and Degradations With Proactive Application Performance Moni...Reducing Outages and Degradations With Proactive Application Performance Moni...
Reducing Outages and Degradations With Proactive Application Performance Moni...SL Corporation
 
Integration using Salesforce Canvas
Integration using Salesforce CanvasIntegration using Salesforce Canvas
Integration using Salesforce CanvasDhanik Sahni
 
V labs-assignment-1-sepm
V labs-assignment-1-sepmV labs-assignment-1-sepm
V labs-assignment-1-sepmSayanChaudhuri5
 
Training Webinar: Fitting OutSystems applications into Enterprise Architecture
Training Webinar: Fitting OutSystems applications into Enterprise ArchitectureTraining Webinar: Fitting OutSystems applications into Enterprise Architecture
Training Webinar: Fitting OutSystems applications into Enterprise ArchitectureOutSystems
 
Microservices: A Step Towards Modernizing Healthcare Applications
Microservices: A Step Towards Modernizing Healthcare ApplicationsMicroservices: A Step Towards Modernizing Healthcare Applications
Microservices: A Step Towards Modernizing Healthcare ApplicationsCitiusTech
 
Functional vs Non-functional Requirements - Which comes first?
Functional vs Non-functional Requirements - Which comes first?Functional vs Non-functional Requirements - Which comes first?
Functional vs Non-functional Requirements - Which comes first?Evgeniy Labunskiy
 
Salesforce Continuous Integration with AutoRABIT
Salesforce Continuous Integration with AutoRABITSalesforce Continuous Integration with AutoRABIT
Salesforce Continuous Integration with AutoRABITVishnu Raju Datla
 
Forrester On Using Subversion to Optimize Globally Distributed Development
Forrester On Using Subversion to Optimize Globally Distributed DevelopmentForrester On Using Subversion to Optimize Globally Distributed Development
Forrester On Using Subversion to Optimize Globally Distributed DevelopmentWANdisco Plc
 
Salesforce Integration Pattern Overview
Salesforce Integration Pattern OverviewSalesforce Integration Pattern Overview
Salesforce Integration Pattern OverviewDhanik Sahni
 
Assisted deployment services offering overview
Assisted deployment services offering overviewAssisted deployment services offering overview
Assisted deployment services offering overviewIBM Rational software
 
Use Microsoft Flow Connectors to create a powerful business process app
Use Microsoft Flow Connectors to create a powerful business process appUse Microsoft Flow Connectors to create a powerful business process app
Use Microsoft Flow Connectors to create a powerful business process appMarkus Alt
 
Lightning Out: Components for the Rest of the World
Lightning Out: Components for the Rest of the WorldLightning Out: Components for the Rest of the World
Lightning Out: Components for the Rest of the WorldSalesforce Developers
 
Non-Functional Requirements Are Important (with Explanatory Notes)
Non-Functional Requirements Are Important (with Explanatory Notes)Non-Functional Requirements Are Important (with Explanatory Notes)
Non-Functional Requirements Are Important (with Explanatory Notes)Stephen Booth MIET MBCS OLA
 
Deploying Office 365 Pro Plus @ Windows 10 Partner Technical Bootcamp Microso...
Deploying Office 365 Pro Plus @ Windows 10 Partner Technical Bootcamp Microso...Deploying Office 365 Pro Plus @ Windows 10 Partner Technical Bootcamp Microso...
Deploying Office 365 Pro Plus @ Windows 10 Partner Technical Bootcamp Microso...Jan Ketil Skanke
 
Windows 7 – Application Compatibility Toolkit 5.5 Overview
Windows 7 – Application Compatibility Toolkit 5.5 OverviewWindows 7 – Application Compatibility Toolkit 5.5 Overview
Windows 7 – Application Compatibility Toolkit 5.5 OverviewVijay Raj
 
Non functional performance requirements v2.2
Non functional performance requirements v2.2Non functional performance requirements v2.2
Non functional performance requirements v2.2Ian McDonald
 
Salesforce Shield - Real Time Event Monitoring and Platform Encryprion
Salesforce Shield - Real Time Event Monitoring and Platform EncryprionSalesforce Shield - Real Time Event Monitoring and Platform Encryprion
Salesforce Shield - Real Time Event Monitoring and Platform EncryprionAbhishek Kumar
 
CompTIA CySA Domain 3 Security Operations and Monitoring.pptx
CompTIA CySA Domain 3 Security Operations and Monitoring.pptxCompTIA CySA Domain 3 Security Operations and Monitoring.pptx
CompTIA CySA Domain 3 Security Operations and Monitoring.pptxInfosectrain3
 

More Related Content

What's hot

Managing Application Compatibility In Windows 7
Managing Application Compatibility In Windows 7Managing Application Compatibility In Windows 7
Managing Application Compatibility In Windows 7Vijay Raj
 
Secure Salesforce: External App Integrations
Secure Salesforce: External App IntegrationsSecure Salesforce: External App Integrations
Secure Salesforce: External App IntegrationsSalesforce Developers
 
Easy REST Integrations with Lightning Components and Salesforce1
Easy REST Integrations with Lightning Components and Salesforce1Easy REST Integrations with Lightning Components and Salesforce1
Easy REST Integrations with Lightning Components and Salesforce1Salesforce Developers
 
Reducing Outages and Degradations With Proactive Application Performance Moni...
Reducing Outages and Degradations With Proactive Application Performance Moni...Reducing Outages and Degradations With Proactive Application Performance Moni...
Reducing Outages and Degradations With Proactive Application Performance Moni...SL Corporation
 
Integration using Salesforce Canvas
Integration using Salesforce CanvasIntegration using Salesforce Canvas
Integration using Salesforce CanvasDhanik Sahni
 
V labs-assignment-1-sepm
V labs-assignment-1-sepmV labs-assignment-1-sepm
V labs-assignment-1-sepmSayanChaudhuri5
 
Training Webinar: Fitting OutSystems applications into Enterprise Architecture
Training Webinar: Fitting OutSystems applications into Enterprise ArchitectureTraining Webinar: Fitting OutSystems applications into Enterprise Architecture
Training Webinar: Fitting OutSystems applications into Enterprise ArchitectureOutSystems
 
Microservices: A Step Towards Modernizing Healthcare Applications
Microservices: A Step Towards Modernizing Healthcare ApplicationsMicroservices: A Step Towards Modernizing Healthcare Applications
Microservices: A Step Towards Modernizing Healthcare ApplicationsCitiusTech
 
Functional vs Non-functional Requirements - Which comes first?
Functional vs Non-functional Requirements - Which comes first?Functional vs Non-functional Requirements - Which comes first?
Functional vs Non-functional Requirements - Which comes first?Evgeniy Labunskiy
 
Salesforce Continuous Integration with AutoRABIT
Salesforce Continuous Integration with AutoRABITSalesforce Continuous Integration with AutoRABIT
Salesforce Continuous Integration with AutoRABITVishnu Raju Datla
 
Forrester On Using Subversion to Optimize Globally Distributed Development
Forrester On Using Subversion to Optimize Globally Distributed DevelopmentForrester On Using Subversion to Optimize Globally Distributed Development
Forrester On Using Subversion to Optimize Globally Distributed DevelopmentWANdisco Plc
 
Salesforce Integration Pattern Overview
Salesforce Integration Pattern OverviewSalesforce Integration Pattern Overview
Salesforce Integration Pattern OverviewDhanik Sahni
 
Assisted deployment services offering overview
Assisted deployment services offering overviewAssisted deployment services offering overview
Assisted deployment services offering overviewIBM Rational software
 
Use Microsoft Flow Connectors to create a powerful business process app
Use Microsoft Flow Connectors to create a powerful business process appUse Microsoft Flow Connectors to create a powerful business process app
Use Microsoft Flow Connectors to create a powerful business process appMarkus Alt
 
Lightning Out: Components for the Rest of the World
Lightning Out: Components for the Rest of the WorldLightning Out: Components for the Rest of the World
Lightning Out: Components for the Rest of the WorldSalesforce Developers
 
Non-Functional Requirements Are Important (with Explanatory Notes)
Non-Functional Requirements Are Important (with Explanatory Notes)Non-Functional Requirements Are Important (with Explanatory Notes)
Non-Functional Requirements Are Important (with Explanatory Notes)Stephen Booth MIET MBCS OLA
 
Deploying Office 365 Pro Plus @ Windows 10 Partner Technical Bootcamp Microso...
Deploying Office 365 Pro Plus @ Windows 10 Partner Technical Bootcamp Microso...Deploying Office 365 Pro Plus @ Windows 10 Partner Technical Bootcamp Microso...
Deploying Office 365 Pro Plus @ Windows 10 Partner Technical Bootcamp Microso...Jan Ketil Skanke
 
Windows 7 – Application Compatibility Toolkit 5.5 Overview
Windows 7 – Application Compatibility Toolkit 5.5 OverviewWindows 7 – Application Compatibility Toolkit 5.5 Overview
Windows 7 – Application Compatibility Toolkit 5.5 OverviewVijay Raj
 
Non functional performance requirements v2.2
Non functional performance requirements v2.2Non functional performance requirements v2.2
Non functional performance requirements v2.2Ian McDonald
 

What's hot (20)

Managing Application Compatibility In Windows 7
Managing Application Compatibility In Windows 7Managing Application Compatibility In Windows 7
Managing Application Compatibility In Windows 7
 
Secure Salesforce: External App Integrations
Secure Salesforce: External App IntegrationsSecure Salesforce: External App Integrations
Secure Salesforce: External App Integrations
 
Lightning Components: The Future
Lightning Components: The FutureLightning Components: The Future
Lightning Components: The Future
 
Easy REST Integrations with Lightning Components and Salesforce1
Easy REST Integrations with Lightning Components and Salesforce1Easy REST Integrations with Lightning Components and Salesforce1
Easy REST Integrations with Lightning Components and Salesforce1
 
Reducing Outages and Degradations With Proactive Application Performance Moni...
Reducing Outages and Degradations With Proactive Application Performance Moni...Reducing Outages and Degradations With Proactive Application Performance Moni...
Reducing Outages and Degradations With Proactive Application Performance Moni...
 
Integration using Salesforce Canvas
Integration using Salesforce CanvasIntegration using Salesforce Canvas
Integration using Salesforce Canvas
 
V labs-assignment-1-sepm
V labs-assignment-1-sepmV labs-assignment-1-sepm
V labs-assignment-1-sepm
 
Training Webinar: Fitting OutSystems applications into Enterprise Architecture
Training Webinar: Fitting OutSystems applications into Enterprise ArchitectureTraining Webinar: Fitting OutSystems applications into Enterprise Architecture
Training Webinar: Fitting OutSystems applications into Enterprise Architecture
 
Microservices: A Step Towards Modernizing Healthcare Applications
Microservices: A Step Towards Modernizing Healthcare ApplicationsMicroservices: A Step Towards Modernizing Healthcare Applications
Microservices: A Step Towards Modernizing Healthcare Applications
 
Functional vs Non-functional Requirements - Which comes first?
Functional vs Non-functional Requirements - Which comes first?Functional vs Non-functional Requirements - Which comes first?
Functional vs Non-functional Requirements - Which comes first?
 
Salesforce Continuous Integration with AutoRABIT
Salesforce Continuous Integration with AutoRABITSalesforce Continuous Integration with AutoRABIT
Salesforce Continuous Integration with AutoRABIT
 
Forrester On Using Subversion to Optimize Globally Distributed Development
Forrester On Using Subversion to Optimize Globally Distributed DevelopmentForrester On Using Subversion to Optimize Globally Distributed Development
Forrester On Using Subversion to Optimize Globally Distributed Development
 
Salesforce Integration Pattern Overview
Salesforce Integration Pattern OverviewSalesforce Integration Pattern Overview
Salesforce Integration Pattern Overview
 
Assisted deployment services offering overview
Assisted deployment services offering overviewAssisted deployment services offering overview
Assisted deployment services offering overview
 
Use Microsoft Flow Connectors to create a powerful business process app
Use Microsoft Flow Connectors to create a powerful business process appUse Microsoft Flow Connectors to create a powerful business process app
Use Microsoft Flow Connectors to create a powerful business process app
 
Lightning Out: Components for the Rest of the World
Lightning Out: Components for the Rest of the WorldLightning Out: Components for the Rest of the World
Lightning Out: Components for the Rest of the World
 
Non-Functional Requirements Are Important (with Explanatory Notes)
Non-Functional Requirements Are Important (with Explanatory Notes)Non-Functional Requirements Are Important (with Explanatory Notes)
Non-Functional Requirements Are Important (with Explanatory Notes)
 
Deploying Office 365 Pro Plus @ Windows 10 Partner Technical Bootcamp Microso...
Deploying Office 365 Pro Plus @ Windows 10 Partner Technical Bootcamp Microso...Deploying Office 365 Pro Plus @ Windows 10 Partner Technical Bootcamp Microso...
Deploying Office 365 Pro Plus @ Windows 10 Partner Technical Bootcamp Microso...
 
Windows 7 – Application Compatibility Toolkit 5.5 Overview
Windows 7 – Application Compatibility Toolkit 5.5 OverviewWindows 7 – Application Compatibility Toolkit 5.5 Overview
Windows 7 – Application Compatibility Toolkit 5.5 Overview
 
Non functional performance requirements v2.2
Non functional performance requirements v2.2Non functional performance requirements v2.2
Non functional performance requirements v2.2
 

Similar to Salesforce Security

Salesforce Shield - Real Time Event Monitoring and Platform Encryprion
Salesforce Shield - Real Time Event Monitoring and Platform EncryprionSalesforce Shield - Real Time Event Monitoring and Platform Encryprion
Salesforce Shield - Real Time Event Monitoring and Platform EncryprionAbhishek Kumar
 
CompTIA CySA Domain 3 Security Operations and Monitoring.pptx
CompTIA CySA Domain 3 Security Operations and Monitoring.pptxCompTIA CySA Domain 3 Security Operations and Monitoring.pptx
CompTIA CySA Domain 3 Security Operations and Monitoring.pptxInfosectrain3
 
Tripwire enterprise 87_datasheet
Tripwire enterprise 87_datasheetTripwire enterprise 87_datasheet
Tripwire enterprise 87_datasheetDevaraj Sl
 
Top Five Ways to Protect Your Salesforce Data
Top Five Ways to Protect Your Salesforce Data Top Five Ways to Protect Your Salesforce Data
Top Five Ways to Protect Your Salesforce Data DataArchiva
 
Security and Your Salesforce Org
Security and Your Salesforce OrgSecurity and Your Salesforce Org
Security and Your Salesforce OrgSalesforce Admins
 
Using m365 defender to protect against solorigate
Using m365 defender to protect against solorigateUsing m365 defender to protect against solorigate
Using m365 defender to protect against solorigateMatt Soseman
 
Soteria Cybersecurity Healthcheck-FB01
Soteria Cybersecurity Healthcheck-FB01Soteria Cybersecurity Healthcheck-FB01
Soteria Cybersecurity Healthcheck-FB01Richard Sullivan
 
Salesforce shield & summer 20 release
Salesforce shield & summer 20 releaseSalesforce shield & summer 20 release
Salesforce shield & summer 20 releaseDevendra Sawant
 
Secure Development on the Salesforce Platform - Part 3
Secure Development on the Salesforce Platform - Part 3Secure Development on the Salesforce Platform - Part 3
Secure Development on the Salesforce Platform - Part 3Mark Adcock
 
Secure Development on the Salesforce Platform - Part I
Secure Development on the Salesforce Platform - Part ISecure Development on the Salesforce Platform - Part I
Secure Development on the Salesforce Platform - Part ISalesforce Developers
 
SEIM-Microsoft Sentinel.pptx
SEIM-Microsoft Sentinel.pptxSEIM-Microsoft Sentinel.pptx
SEIM-Microsoft Sentinel.pptxAmrMousa51
 
Best Practices, Types, and Tools for Security Testing in 2023.docx
Best Practices, Types, and Tools for Security Testing in 2023.docxBest Practices, Types, and Tools for Security Testing in 2023.docx
Best Practices, Types, and Tools for Security Testing in 2023.docxAfour tech
 
SailPoint VS CyberArk.pdf
SailPoint VS CyberArk.pdfSailPoint VS CyberArk.pdf
SailPoint VS CyberArk.pdfVishnuGone
 
Free and open cloud security posture monitoring
Free and open cloud security posture monitoringFree and open cloud security posture monitoring
Free and open cloud security posture monitoringElasticsearch
 
Worksheet 4 LANWAN Compliance and Auditinglook on the docume.docx
Worksheet 4 LANWAN Compliance and Auditinglook on the docume.docxWorksheet 4 LANWAN Compliance and Auditinglook on the docume.docx
Worksheet 4 LANWAN Compliance and Auditinglook on the docume.docxgriffinruthie22
 
SAP Application Access with Instasafe Zero Trust
SAP Application Access with Instasafe Zero TrustSAP Application Access with Instasafe Zero Trust
SAP Application Access with Instasafe Zero TrustInstaSafe Technologies
 
The 15 best cloud security practices
The 15 best cloud security practices The 15 best cloud security practices
The 15 best cloud security practices Cloudride LTD
 

Similar to Salesforce Security (20)

Salesforce Shield - Real Time Event Monitoring and Platform Encryprion
Salesforce Shield - Real Time Event Monitoring and Platform EncryprionSalesforce Shield - Real Time Event Monitoring and Platform Encryprion
Salesforce Shield - Real Time Event Monitoring and Platform Encryprion
 
CompTIA CySA Domain 3 Security Operations and Monitoring.pptx
CompTIA CySA Domain 3 Security Operations and Monitoring.pptxCompTIA CySA Domain 3 Security Operations and Monitoring.pptx
CompTIA CySA Domain 3 Security Operations and Monitoring.pptx
 
Tripwire enterprise 87_datasheet
Tripwire enterprise 87_datasheetTripwire enterprise 87_datasheet
Tripwire enterprise 87_datasheet
 
Top Five Ways to Protect Your Salesforce Data
Top Five Ways to Protect Your Salesforce Data Top Five Ways to Protect Your Salesforce Data
Top Five Ways to Protect Your Salesforce Data
 
Security and Your Salesforce Org
Security and Your Salesforce OrgSecurity and Your Salesforce Org
Security and Your Salesforce Org
 
Using m365 defender to protect against solorigate
Using m365 defender to protect against solorigateUsing m365 defender to protect against solorigate
Using m365 defender to protect against solorigate
 
SecOps.pdf
SecOps.pdfSecOps.pdf
SecOps.pdf
 
Soteria Cybersecurity Healthcheck-FB01
Soteria Cybersecurity Healthcheck-FB01Soteria Cybersecurity Healthcheck-FB01
Soteria Cybersecurity Healthcheck-FB01
 
Salesforce shield & summer 20 release
Salesforce shield & summer 20 releaseSalesforce shield & summer 20 release
Salesforce shield & summer 20 release
 
Secure Development on the Salesforce Platform - Part 3
Secure Development on the Salesforce Platform - Part 3Secure Development on the Salesforce Platform - Part 3
Secure Development on the Salesforce Platform - Part 3
 
Secure Development on the Salesforce Platform - Part I
Secure Development on the Salesforce Platform - Part ISecure Development on the Salesforce Platform - Part I
Secure Development on the Salesforce Platform - Part I
 
SEIM-Microsoft Sentinel.pptx
SEIM-Microsoft Sentinel.pptxSEIM-Microsoft Sentinel.pptx
SEIM-Microsoft Sentinel.pptx
 
Best Practices, Types, and Tools for Security Testing in 2023.docx
Best Practices, Types, and Tools for Security Testing in 2023.docxBest Practices, Types, and Tools for Security Testing in 2023.docx
Best Practices, Types, and Tools for Security Testing in 2023.docx
 
Managing Compliance
Managing ComplianceManaging Compliance
Managing Compliance
 
SailPoint VS CyberArk.pdf
SailPoint VS CyberArk.pdfSailPoint VS CyberArk.pdf
SailPoint VS CyberArk.pdf
 
Security and Compliance
Security and ComplianceSecurity and Compliance
Security and Compliance
 
Free and open cloud security posture monitoring
Free and open cloud security posture monitoringFree and open cloud security posture monitoring
Free and open cloud security posture monitoring
 
Worksheet 4 LANWAN Compliance and Auditinglook on the docume.docx
Worksheet 4 LANWAN Compliance and Auditinglook on the docume.docxWorksheet 4 LANWAN Compliance and Auditinglook on the docume.docx
Worksheet 4 LANWAN Compliance and Auditinglook on the docume.docx
 
SAP Application Access with Instasafe Zero Trust
SAP Application Access with Instasafe Zero TrustSAP Application Access with Instasafe Zero Trust
SAP Application Access with Instasafe Zero Trust
 
The 15 best cloud security practices
The 15 best cloud security practices The 15 best cloud security practices
The 15 best cloud security practices
 

Recently uploaded

Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 

Recently uploaded (20)

Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 

Salesforce Security

  • 1. https://sfsupport247.com | Salesforce Training & Support | sfcontact.247@gmail.com Salesforce Security Leader in SF Training and Support 1
  • 2. https://sfsupport247.com | Salesforce Training & Support | sfcontact.247@gmail.com Salesforce is built with security to protect your data and applications. Protecting your data is a joint responsibility between you and Salesforce. The Salesforce security features enable you to empower your users to do their jobs safelAuditing provides information about use of the system, which can be critical in diagnosing potential or real security issues. The Salesforce auditing features don't secure your organization by themselves; someone in your organization should do regular audits to detect potential abuse.y and efficiently. Salesforce Security 2 Phishing and Malware If you see something suspicious related to your Salesforce implementation, report it to security@salesforce.com, in addition to your own IT or security team. Trust starts with transparency. That’s why Salesforce displays real-time information on system performance and security at http://trust.salesforce.com and http://trust.salesforce.com/securit Security Health Check Salesforce admin can use Health Check to identify and fix potential vulnerabilities in your security settings, all from a single page. A summary score shows how your org measures against a security baseline, like the Salesforce Baseline Standard. You can upload up to five custom baselines to use instead of the Salesforce Baseline Standard. Auditing Auditing provides information about use of the system, which can be critical in diagnosing potential or real security issues. The Salesforce auditing features don't secure your organization by themselves; someone in your organization should do regular audits to detect potential abuse.
  • 3. https://sfsupport247.com | Salesforce Training & Support | sfcontact.247@gmail.com Salesforce Security 3 Salesforce Shield Salesforce Shield is a trio of security tools that admins and developers can use to build a new level of trust, transparency, compliance, and governance right into business-critical apps. It includes Platform Encryption, Event Monitoring, and Field Audit Trail. Encrypt Fields, Files, and Other Data Elements With Encryption Policy, Filter Encrypted Data with Deterministic Encryption, Cache-Only Key Service, Platform Encryption - Encryption allows you to natively encrypt your most sensitive data at rest across all your Salesforce apps. Event Monitoring - gives access to detailed performance, security, and usage data on all your Salesforce apps. Every interaction is tracked and accessible via API, Field Audit Trail - lets you know the state and value of your data for any date, at any time. You can use it for regulatory compliance, internal governance, audit, or customer service. Transaction Security Policies When enabled Transaction Security for your org, two policies are created. 1) Concurrent User Session Limit policy to limit concurrent login sessions. -A user with five current sessions tries to log in for a sixth session. 2) Lead Data Export policy to block excessive data downloads of leads - Retrieves more than 2,000 lead records Monitoring Organizatio n’s Security Track login and field history, monitor setup changes, and take actions based on events. Monitor Login History, Field History Tracking, Monitor Setup Changes, Transaction Security Policies
  • 4. https://sfsupport247.com | Salesforce Training & Support | sfcontact.247@gmail.com During the Apex programming, the security of Apex code is critical. Make sure to add user permissions for Apex classes and enforce sharing rules. Apex code generally runs in system context i.e. current user's permissions, field-level security, and sharing rules aren’t taken into account during code execution. Note: - Apex code execution for executeAnonymous block always executes using the full permissions of the current user. public with sharing class ClassName { ........... } public without sharing class ClassName{ ........... } Object-leve and Field Level permissions: Sharing rules are distinct from object-level and field-level permissions. They can coexist. If sharing rules are defined in Salesforce, you can enforce them at the class level by declaring the class with the with sharing keyword. SOQL Permissions: [SELECT Id, (SELECT LastName FROM Contacts), (SELECT Description FROM Opportunities) FROM Account WITH SECURITY_ENFORCED] [SELECT Id, parent.Name, parent.Website FROM Account WITH SECURITY_ENFORCED] Apex Security 4