A little bit of background on the speaker, Prag is the Salesforce Practice Lead at CloudKettle. As a 5X Salesforce Certified professional, he leads a team of Salesforce Admins, Developers, Consultants, and Architects. He is also a 5X Dreamforce speaker and is known for his expertise in Salesforce security and speaks regularly on the topic (to connect with Prag on twitter, click here).
Below are some of the main takeaways from the podcast above if you’re looking for a digest.
Four Salesforce Security Tips to Get You Started:
1) Never Underestimate the Power of a Pen and Paper
When you’re approaching your security model, take out that pen and paper, and map out the different levels of sharing rules and permissions.
2) Documentation is Key
Make sure you document your Salesforce org thoroughly.
3) The Principle of Least Privilege
Only give users access to data as needed. By default, lock it all down and unlock items as groups or individuals need access to them.
4) Resource Analysis to Persuade the Executive Team
In order to get buy-in from senior stakeholders in your security plan, conduct a resource analysis to show what a data breach would cost your organization vs. the resources to mitigate that risk.
What is Multi-Factor Authentication (MFA) in Salesforce?
Similar to two-factor authentication (2FA), multi-factor authentication (MFA) protects against unauthorized access by requiring a user to provide multiple authentication factors to prove their identity. MFA, however, requires two or more factors, while 2FA only requires two factors.
Why is Multi-Factor Authentication (MFA) in Salesforce Important?
A key part of our own security strategy at CloudKettle is safeguarding access to our Salesforce user accounts. User credentials alone don’t always provide sufficient protection. Multi-factor authentication is a simple and effective way to prevent unauthorized account access to safeguard our data.
For more information on MFA, click here.
Why Does Multi-Factor Authentication (MFA) in Salesforce Matter Now More Than Ever Before?
As we all work remotely during this challenging situation, it’s easy for bad actors to exploit weak or reused passwords through common types of attacks like phishing and credential stuffing. Multi-factor authentication helps protect against these types of attacks.
How can Salesforce Admins Avoid Making Security Mistakes?
Admins can avoid or reduce the number of mistakes made by having a planned Security strategy, testing that strategy in a Sandbox, and doing a phased roll-out approach.
We hope you find the actionable insights provided here to be helpful. Have questions about MFA or Salesforce security? Sign up for our newsletter! We send out a monthly recap of our latest Salesforce content, including articles on security best practices, actionable insight on Salesforce optimization for enterprises, and more.