Salesforce is the most powerful CRM in the world, in large part because of how diverse the ecosystem of tools that can be integrated with it is. Organizations have long seen the benefits of expanding the value they get out of Salesforce by integrating their marketing automation, data enrichment, collaboration, and productivity tools with their instance.
However, tying all these external tools into your Salesforce instance and giving them access to your data (increasingly sensitive in today’s GDPR world) comes with its own set of challenges. How do you ensure these integrations are stable, auditable, and secure? One of the most important steps is using an Integration User.
If a tool integrated with your Salesforce instance passes data in and out of the instance, it likely requires an authenticated user that it “acts” as every time it accesses the instance. This is true both for large platform deployments like Marketo, LinkedIn Sales Navigator, and Clearbit and for custom API calls.
In many organizations, these authentications are done using the Salesforce System Administrator’s own license, which is incredibly risky.
No integration should ever have full Admin access in Salesforce. Ever. Here’s why:
Giving an integration System Admin access means it can:
- Create or delete your users
- Delete records
- Reset users’ passwords
- Log in as any user
- Create new permission sets and assign them
A 3rd party application should never be able to do any of the things listed above.
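The check below is an added example, not code from this post: it flags integration accounts whose profile or permission sets confer the capabilities listed above. The permission field names are standard Salesforce PermissionSet fields; the usernames, grant names, and rows are constructed, and "log in as any user" is left out because it also depends on org-level login access settings.

```python
from collections import defaultdict

# Capability from the list above -> permission field(s) that confer it.
RISKY = {
    "create or delete users": ["PermissionsManageUsers"],
    "delete any record": ["PermissionsModifyAllData"],
    "reset user passwords": ["PermissionsResetPasswords"],
    "create and assign permission sets": [
        "PermissionsManageProfilesPermissionsets",
        "PermissionsAssignPermissionSets",
    ],
}

# Constructed rows, shaped like a flattened PermissionSetAssignment export:
# one row per (user, profile-or-permission-set) pair.
ROWS = [
    {"user": "marketo.sync@example.com", "grant": "Profile: System Administrator",
     "fields": {"PermissionsModifyAllData", "PermissionsManageUsers",
                "PermissionsResetPasswords", "PermissionsAssignPermissionSets"}},
    {"user": "enrich.api@example.com", "grant": "Profile: Integration (custom)",
     "fields": {"PermissionsApiEnabled"}},
    {"user": "enrich.api@example.com", "grant": "PermissionSet: Temp_Data_Fix",
     "fields": {"PermissionsModifyAllData"}},
    {"user": "cti.sync@example.com", "grant": "Profile: Integration (custom)",
     "fields": {"PermissionsApiEnabled"}},
]


def audit(rows):
    """Return {user: {capability: [grants that confer it]}} for risky capabilities.

    Effective permissions are the union of the profile and every assigned
    permission set, so each grant is checked, not just the profile.
    """
    findings = defaultdict(lambda: defaultdict(list))
    for row in rows:
        for capability, fields in RISKY.items():
            if row["fields"] & set(fields):
                findings[row["user"]][capability].append(row["grant"])
    return {user: dict(caps) for user, caps in findings.items()}


if __name__ == "__main__":
    for user, caps in sorted(audit(ROWS).items()):
        for cap, grants in sorted(caps.items()):
            print(f"{user}: can {cap} via {', '.join(grants)}")
```

The second account shows why the profile alone is not enough to review: a custom integration profile is clean, but a leftover permission set still grants Modify All Data.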
It isn’t about trust, it is about risk mitigation
To get listed on Salesforce’s AppExchange, vendors undergo an incredibly thorough security review process. However, this does not mean every integration is safe; not all are installed directly from the AppExchange, and even those that are vetted by Salesforce could still cause damage as a result of an unintended consequence or previously unknown threat vector. If you’re speaking with a vendor and they suggest their tool needs System Admin access, ask why. Giving Admin access to 3rd party tools is lazy at best and risky at worst.
What is an Integration User?
An Integration User can be an Admin’s best friend. It is a dedicated (not used by any human) full Salesforce license that has a custom Profile and Permission Set and is used for any 3rd party integrations like marketing automation, CTIs, data enrichment tools, and even your own custom API work that ties in with your instance. Integration Users are particularly important for the tools listed above because they tend to update thousands (or tens of thousands) of records a day and have a huge impact on your instance.
In short, having an Integration User is a more secure, auditable way to move data into and out of your instance without relying on an existing user’s license.
The ROI of an Integration User
The main benefits of having a dedicated integration user are around improving data integrity, simplifying reporting, and increasing instance security.
Auditing and Reporting Benefits
Many reports need to exclude automated systems to gain an accurate idea of your team’s performance. For example, to create benchmarks and track performance metrics you need to know:
- How many activities were created this week by actual team members (not by a marketing automation platform)?
- What leads were actively worked by a team member (and not updated by a system)?
Creating clean reports is a lot simpler if you can simply exclude the Integration User to gain an accurate picture of your sales team’s performance.
Security is a growing concern for every organization. Earlier in this post, we talked about what giving a 3rd party tool System Admin access means. Here are a couple of examples that demonstrate why not having an Integration User is extremely risky:
- When an employee whose Salesforce license is being used for an integration (acting as an Admin on the integration) leaves the company or changes their password, it can create unforeseen problems.
A change in an Admin’s password will break any integration attached to that license and, in our experience, it can take days, weeks, or even months before someone realizes the integration is broken. Perhaps more concerning, Admins (those with the most power in Salesforce) forgo updating their passwords because of the level of work involved in updating the login credentials in every integration tied to their user. Additionally, consider what happens if that Admin is leaving the organization – freezing or deactivating their user will again break every sync tied to them.
- Identifying how and why a record was updated.
Without an Integration User, it can be very difficult to determine how and why a record was updated. Admins perform batch updates on records as a part of cleaning and maintenance on a regular basis. Those updates often trigger integrations to then also check and update the records. If a record is updated in a manner that requires additional scrutiny to determine what went wrong, it is almost impossible to nail down what was done by the Admin and what was almost simultaneously done by integrations tied to that Admin’s user. Was it a mass import you did as an Admin? Was it a record you updated by hand? Was it an integration? It can take hours of additional analysis to say for sure – if you ever can.
Organizations can be reluctant to invest in having a dedicated license for integrations, but the ROI of doing so is fantastic. It not only decreases risk but also improves data integrity and saves time. Whether you have an internal Salesforce Administrator or use a Salesforce Partner, having an Integration User provides massive time and cost savings.
In our next post, we’ll cover how to create a dedicated Integration User in Salesforce. Stay tuned for a step by step guide, including pictures to help you navigate the process seamlessly.
As always, if you have any questions about how to keep your Salesforce instance secure or about this post, drop us a line today.