{"id":2571,"date":"2018-07-16T08:00:27","date_gmt":"2018-07-16T08:00:27","guid":{"rendered":"https:\/\/devbloglavaprotocols.nityo.in\/secure-your-data-on-salesforce-before-its-too-late\/"},"modified":"2018-07-16T08:00:27","modified_gmt":"2018-07-16T08:00:27","slug":"secure-your-data-on-salesforce-before-its-too-late","status":"publish","type":"post","link":"https:\/\/www.lavaprotocols.com\/the-cloud-blog\/secure-your-data-on-salesforce-before-its-too-late\/","title":{"rendered":"Secure Your Data on Salesforce Before It\u2019s Too Late!"},"content":{"rendered":"
<\/div>

By Laura Pelkey,\u00a0Security Content and Communications Manager, Salesforce\u00a0<\/strong><\/em><\/p>\n

<\/p>\n

There is a lot of information out there telling you that you should protect your data<\/a>. But why is data security important? More data exists online now than at any other point in time, and the quantity is only expected to keep growing. It\u2019s important to protect yourself and your customers. If you\u2019re using a CRM (customer relationship management) software such as Salesforce, you need to equip yourself with best practices on how to secure your data on Salesforce.<\/p>\n

<\/h2>\n

How Do We Define Data?<\/strong><\/span><\/h2>\n

Data is any recorded fact or statistic. Personal data\u00a0\u2014 otherwise known as personally identifiable information (or\u00a0PII)\u00a0<\/a>\u2014\u00a0can be a birthday, home address, phone number, or even full name, if it\u2019s in relation to any other PII. It can also be highly valuable information such as healthcare records, banking information, or social security number. The more valuable the information, the more money it\u2019s worth (to hackers or people who buy information from hackers).<\/p>\n

Data is not only personal information about an individual that can be found online. It can also be information about a customer that is stored on a company\u2019s database. Recent data security protections like the EU\u2019s General Data Protection Regulation (GDPR<\/a>) are an important step in limiting what companies can do with the data that resides in their systems. There are also steps you can take to limit the data that gets exposed in the first place.<\/p>\n

Related<\/strong><\/span>:\u00a0Cloud Security: So Are We Secured (Or Not)?<\/a><\/p>\n

Now that we\u2019ve defined data security in general terms, let\u2019s talk more specifically about how to keep your Salesforce data secure.<\/p>\n

\u00a0<\/p>\n

Secure Your Data on Salesforce<\/strong><\/span><\/h2>\n

For administrators and developers, choosing data sets each user or group of users can see is one of the key decisions that affects how you secure your data on Salesforce. It\u2019s important to limit the data your users are able to see and the permissions they have. Users ought to only have access to what is necessary to perform their job \u2013 this concept is called the\u00a0principle of least privilege<\/a>.<\/p>\n

An example of when you might need to apply this theory is if you\u2019re building an app to help manage the recruiting efforts at your company. The app will store a plethora of confidential data such as names, social security numbers, salary information, and feedback from existing employees. Only some teams or individuals within your company will need to have access to such sensitive information. In this example, recruiters will need access to everything, while some other users will probably only need editing rights to certain fields.<\/p>\n

The\u00a0Salesforce platform<\/a>\u00a0lets you maintain data security by assigning different data sets to different types of users. Therefore, users that need access to sensitive information can perform their critical job functions, while reducing the risk of data being stolen, leaked or misused.<\/p>\n

Administrators (admins) are able to specify which users can view, create, edit, or delete any record or field in the app. This control can extend to your entire organisation (org), or simply an object, field, or individual record. By combining security controls at different levels, you can provide the ideal level of data access to all of your users while maximising the effectiveness of your data security controls.<\/p>\n

\u00a0<\/p>\n

Secure Your Data on Salesforce by Controlling Access<\/strong><\/span><\/h2>\n

As we mentioned earlier, admins can control which users have access to which data in the org\u00a0\u2014 a specific object, a specific field, or an individual record. It\u2019s important to understand how these levels interact with each other. The list below gives a brief overview of which types of controls should be implemented at each level:<\/p>\n