Salesforce, Data Security, and Us



“Passwords are like underwear: don’t let people see it, change it very often, and you shouldn’t share it with strangers.” – Quote by Chris Pirillo, founder and former CEO of LockerGnome, Inc.

What do LinkedIn, Alibaba, Yahoo, Face, and hotel giant Marriott International have in common besides being household names? Any ideas? No? Well, they have all been victims of data breaches in the past decade. These recent, well-known examples of data leaks and theft worry companies that handle large caches of sensitive, valuable customer and audience data. Round-the-clock vigilance is the key for any business that wants to prevent a data breach, and deployed Salesforce organizations are not immune to them. Luckily, layers of protection are at hand to keep data in Salesforce in safe hands and away from data leaks. Let’s look at them.

Application Layer 
  • Custom Code (Apex, Visualforce, LWC, Aura) 

  • Software Libraries (open-source components like jQuery, etc.) 

  • Runtime (XSS, SOQL & SOSL injection flaws) 

  • Third-party packages (Managed apps from AppExchange) 

Architecture Layer 
  • User Access Controls: The Principle of Least Privilege 

  • Object Permissions: Access where access is needed 

  • Auditing, Event Monitoring, and Logging 

  • IAM: Identity and Authorization Management (e.g., SSO, 2FA) 

Data Layer 
  • Encryption 

  • Data Masking 

  • Data Backup and Restore 

With Salesforce, you get access to a safe and secure platform that is second to none. With it comes the concept of the Salesforce Shared Responsibility Model. Here, "shared" means that from the moment we start altering the basic framework of the Salesforce organization, we become responsible for the security of our data and of the information pertaining to our clients and audience. In brief, the moment we start customising Salesforce and introduce security vulnerabilities, we become easy prey for people with malicious intent. So be alert, be aware, and be responsible.

Data security is an issue when the following are overlooked:
  • Not studying the impact of any customisation, whether internal or external. It’s important to be cautious, as any change can leave the organization vulnerable and put data in danger. For outside threats, the risk lies in Salesforce Community and Force.com sites. Before undertaking any customisation, installation, or configuration, do proper homework so that the change doesn’t jeopardise the hard work already done.

  • Not studying third-party software libraries. These, especially if old, may have published Common Vulnerabilities and Exposures (CVEs) or publicly reported exploits. If the version in use is in doubt, you can either fix it or get another one. 

  • Not reviewing the code base from time to time. This is important. You need to stay alert to any risks that can be averted with timely action. 

The following questions need to be asked by all Salesforce vendors and partners:
  • Are the developers and administrators familiar with testing before deployment?  

  • Are security and compliance managers evaluating the Salesforce security posture regularly?  

  • Is the security posture status of your client data known to the management / owners? 

Being methodical and alert at all times can prevent accidents. The same applies to data security and protection. Let’s be resolute at all times and reassure our clients. 

About the Author

Anand Sharma

Anand is a Salesforce Evangelist who joined the Salesforce ecosystem in 2014, helping customers to be successful with Salesforce, and joined Codleo to share the goodness with even more developers all around the world. He is based in New Delhi with his wife, and he tries to escape summers every chance he gets.
