Security Infrastructure

Salesforce uses some of the most exceptional technology for cloud security available today. When you enter the application using a Transport Layer Security (TLS) technology, it shields your data using server authentication. It ensures that your information is safe, reliable, and accessible only to authorized users in your company.

Data Sharing

When it comes to data sharing, Admins do not consider hierarchical sharing’s complexity, including how users can gain access to records. However, public groups are more straightforward to handle what gets shared.

It can often be challenging to recognize records that have been shared manually in the backend of Salesforce. An Admin can use the Developer Console to locate manually shared records. However, when the owner of these records moves, the trail gets wiped, which leads to a lack of visibility.

Security Infrastructure

Salesforce expects that cipher suites used for outbound calls adhere to security standards. Ensure that your cipher suite supports AES with 128-bit or 256-bit stream keys.

Salesforce shields your company data from other client organizations by applying a unique organization identifier linked with each user’s session.

Auditing

Salesforce tracks all login attempts, including the area of the login try and the IP address. Administrators can also turn on-field records tracking to clarify field value fluctuations and the user who made the change.

• Record Modification Fields – It gives some essential auditing data. All objects have fields to store the user’s name who built the record and last revised it.
• Login History – Enables you to assess a list of successful and failed login tries for the past six months.
• Field History Tracking – Allows you to automatically turn on auditing to track changes in individual fields’ values.

Compliance

Salesforce contracts prevent Salesforce from obtaining customer accounts or publishing customer data stored in their platform.

For classified data such as Protected Health Information (PHI) and Personally Identifiable Information (PII), Salesforce is accountable for delivering sufficient physical and technical security measures. At the same time, Salesforce customers are responsible for the integrity, usage of the data, and the type of data stored.

Salesforce has met the following compliance certifications:

• ISO 27001/27018
• SOC 2
• SOC 3
• PCI-DSS
• Safe Harbor

Data Access

Object-level access decides whether a user can access a particular object, the fields they can view on that object, and the steps they can perform.

Restricting Access

Options like Edit, Create, Read, and Delete decide which actions a user can do on the object’s records with access. Field-Level Security enables you to block certain users from viewing confidential data contained in records.

Opening Up Access

Options like View All and Modify All objects provide users access to all of an object’s records, despite record-level access settings.

Record-level access defines which records a user can view for a particular object by utilizing the below tools:

• Role hierarchy
• Territory hierarchy
• Organization-wide defaults
• Programmatic sharing
• Sharing rules
• Manual sharing
• Teams

Two-factor Authentication

Defend yourself with two-factor authentication to assure that only approved personnel can log in to your cloud apps and access sensitive data. Multi-factor authentication is one of the most inexpensive yet effective ways of keeping hackers from entering your cloud applications.

Encryption

Platform encryption in Salesforce is broad and feature rich. Companies can encrypt data that’s idle, including data stored in fields and files uploaded to Salesforce. Salesforce uses probabilistic encryption applying 256-bit AES. Though Salesforce has given the client control over the lifecycle of operating the key, it is stored in Salesforce’s ecosystem.