You cannot protect what you don’t know about : Four questions we all need to answer
Updated: May 21, 2021
A good starting point for any optimization strategy is to conduct a security audit for your org. This is also one of the very first tasks we are likely to initiate to familiarize ourselves when inheriting a new Salesforce instance. If you don't have enough awareness about the potential security risks, unauthorized data access, or permissions access, you wouldn't know what to protect.
As businesses grow, so does their Salesforce instance and the various access controls and permissions can easily lead to a tangled web if not managed effectively.
So, whether we are Admins, BAs, Consultants or Architects, questions that we all need to answer, that can help identify what we need to know about our Salesforce instance, to enable us to protect it :
Which users in your Salesforce instance have access to what and why?
How restrictive or open are the custom profiles that were cloned from existing profiles, in terms of system permissions?
Are you leveraging the audit trail reports to monitor and identify unauthorized changes?
Most importantly, how many of your users have access to export data from your Salesforce instance?
The next natural step is to decide what counts as a potential security and data access risk specifically for your business, and the actions to take to either eliminate or mitigate these risks.
A way to monitor the improvements you have made, use your initial audit analysis as a baseline for future audits :)
With a powerful system like Salesforce, the responsibilities that tag along are just as powerful.
Stay tuned for our Salesforce Optimization TIDBITS mobile application, coming soon on Android, iOS to follow.
To find out more about how Advisedly Optimize can help your business take the required steps to embed a culture of optimization and technical hygiene for your Salesforce platform, reach out to us and have a chat!
Follow us on We Advise, You Optimize