Review Site Security
Learning Objectives
After completing this unit, you’ll be able to:
- List the common elements of a security strategy.
- Describe what happens in a security assessment.
- Describe three best practices that can help protect Salesforce B2C Commerce customizations.
- List security tools and services that you can use for each layer of the B2C Commerce architecture.
- Explain how you can limit access to Business Manager based on IP addresses.
Trust Is the Most Important Value
At Salesforce, trust is our number one value. To that end, security is built into every layer of the B2C Commerce platform to protect merchant implementations and data. And with good reason—according to Distil Network, nearly 38% of internet traffic in 2018 was not human and approximately 21% of ecommerce traffic was malicious (Distil Network, 2019 Bad Bot Report).
The responsibility for trust is shared between Salesforce and the merchant. Safeguarding storefront and shopper data is an important job that Linda Rosenberg, Cloud Kicks admin, translates into a four-pronged security strategy.
- Access: Focus on user and shopper security.
- Protection: Implement eCDN to protect storefront data.
- Monitoring and support: Monitor your site to ensure protection works.
- Customization: Ensure new code and features meet security requirements.
This table shows who’s responsible for each aspect of this strategy.
Salesforce | Merchant |
 | |
The Salesforce computer security incident response team (CSIRT) monitors systems 24/7. If they identify traffic behavior anomalies, they proactively contact the merchant to discuss the behavior and assist in further investigation.
If Linda detects malicious activity impacting her sites, she contacts the Salesforce technical support and security teams who can help her investigate and determine an immediate mitigation strategy. They also recommend preventative measures to reduce the risk of recurrence.
Attacks can come in many ways. Merchants must learn how each type of threat could impact their business and tailor prevention and mitigation tactics to address their specific concerns.
Security Assessments
Linda requests a B2C Commerce security assessment to help identify issues so she can correct them. To minimize unintended consequences to the production instance, they perform the assessment on a sandbox environment that mimics production.
To initiate the test, she sends an email to Salesforce at securityassessment@salesforce.com with the required information in an attached form, along with AWS approval, which has a separate process. Security assessment requests must be sent at least 7 business days prior to the test start date.
If your site uses AWS, follow their assessment request process for penetration testing.
Security and Best Practices
The B2C Commerce platform defends against attacks in many ways, from the basic platform to LINK cartridges.
Platform Security
The B2C Commerce built-in embedded content delivery network (eCDN) adds another layer of protection for its point of delivery (POD) origins. With a network 15 times greater than the largest recorded distributed denial of service (DDoS) attack and trained knowledge of previous and suspect attackers from millions of sessions, this eCDN easily thwarts volumetric and protocol attacks without impact to merchant storefronts.
Application and Platform Features
B2C Commerce is all about custom code and features. It’s what lets merchants like Cloud Kicks shine in the online retail market. Salesforce encourages them to take a defense in depth approach, using the built-in features of the platform and customizing their implementation to include further defenses from attacks.
The embedded CDN and web application firewall work together on this platform to thwart volumetric, protocol, and application attacks before they impact storefront availability and performance.
Customization
Merchants can fine-tune their B2C Commerce implementations in several ways. They can use custom code to implement challenges to malicious site activity. They can use the B2C Commerce Web Services framework to monitor, filter, and challenge suspicious traffic specific to their business requirements with out-of-the-box tools and recommended best practices. Here are some examples.
Best Practice | Description |
CAPTCHA | |
Rate Limiting | |
Circuit Breaker | |
LINK Solutions
The B2C Commerce partner community provides fraud prevention and bot detection solutions. The platform has an extensive portfolio of third-party certifications. In addition, Salesforce is a payment card industry data security standard (PCI-DSS) Level 1 service provider with several resources to help merchants maintain their PCI compliance.
Security at Every Layer
Security tools and services live in every layer of the B2C Commerce architecture.
Layer | Services |
Application | |
Network | |
Infrastructure | |
Linda explores how B2C Commerce handles some of these at the application layer.
IP Address Access via Business Manager
Linda can limit access to Business Manager based on IP addresses via an allowlist and blocklist. These lists lock out attackers who’ve obtained valid credentials through illegitimate means. For example, a former employee obtained credentials when they were employed, or a non-employee obtained them via social engineering. These lists aren’t intended to prevent brute force attacks. They are just an easy way to block direct access. Here’s how the lists apply, depending on how the user logs in.
What the user logs in with | They are not using | The lists apply |
Business Manager | Unified Authentication | Before credentials are verified |
WebDAV or the agent user login process | Unified Authentication | After credentials are verified |
Unified Authentication | After credentials are verified |
In this module, we assume you are a Salesforce B2C Commerce admin with the proper permissions to perform these tasks. If you’re not a B2C Commerce admin, that’s OK. Read along to learn how your merchandiser would take these steps in a staging instance. Don’t try to follow our steps in your Trailhead Playground because B2C Commerce isn’t available in the Trailhead Playground.
If you have a development instance of B2C Commerce, you can try out these steps in your instance. If you don’t have a development instance, ask your manager if there is one that you can use.
Here's how to create the lists.
- Open Business Manager.
- Select Administration > Global Preferences > Security.
- Click the Access Restriction tab.
- Enter a range of allowlisted IP addresses that are allowed to access Business Manager.
- Enter a range of blocklisted IP addresses not allowed to access Business Manager. If an IP address is both blocklisted and allowlisted, it’s denied access.
- Select if you want invalid login attempts recorded to the error log.
- Enter one or more email addresses, separated by a semicolon, to have an email sent when an invalid login attempt occurs.
- Select if you want to block login access to IP addresses that aren’t specifically allowlisted.
- Select if you want invalid login attempts to count toward the failed login count. Choosing this option can result in a user being locked out.
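The decision rules described in these steps can be modeled before the lists are entered, to see which addresses end up denied. This is an added example, not Salesforce code: the function names, the CIDR notation for ranges, and the sample addresses (documentation ranges) are assumptions made for illustration.

```python
import ipaddress

def _in_any(ip, ranges):
    """True if ip falls inside any of the given CIDR ranges."""
    return any(ip in ipaddress.ip_network(r, strict=False) for r in ranges)

def decide(ip_str, allowlist, blocklist, block_unlisted=False):
    """Return (allowed, reason) for one source address.

    Models the rules stated above: an address on both lists is denied,
    and block_unlisted mirrors the option to block addresses that are
    not specifically allowlisted.
    """
    ip = ipaddress.ip_address(ip_str)
    if _in_any(ip, blocklist):
        return False, "blocklisted"      # wins even if also allowlisted
    if _in_any(ip, allowlist):
        return True, "allowlisted"
    if block_unlisted:
        return False, "not allowlisted"
    return True, "unlisted"

def conflicts(allowlist, blocklist):
    """List (allow, block) pairs that overlap, i.e. allowlisted
    addresses that will be denied anyway."""
    pairs = []
    for a in allowlist:
        net_a = ipaddress.ip_network(a, strict=False)
        for b in blocklist:
            net_b = ipaddress.ip_network(b, strict=False)
            if net_a.version == net_b.version and net_a.overlaps(net_b):
                pairs.append((a, b))
    return pairs

if __name__ == "__main__":
    # Constructed sample lists using documentation address ranges.
    allow = ["203.0.113.0/24", "198.51.100.10/32"]
    block = ["203.0.113.128/25"]
    for addr in ("203.0.113.5", "203.0.113.200", "192.0.2.7"):
        print(addr, decide(addr, allow, block, block_unlisted=True))
    print("overlapping entries:", conflicts(allow, block))
```

Running `conflicts` before saving the lists shows which allowlisted ranges are partly or wholly shadowed by a blocklist entry.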
Secure Code via OCAPI
Security begins at the code level. Developers should not code API keys directly into their code. Instead, they should store them inside the application’s source tree. OCAPI credentials are similar to user accounts. Linda reviews them periodically along with user accounts.
Here’s what else you can do to keep OCAPI secure.
- Use permissions and keep permissions to resources as tight as possible, adhering to the principle of least privilege.
- Use other types of restrictions such as accepted OCAPI versions.
- Delete unneeded API keys to minimize exposure to attacks and regenerate API keys periodically.
- Use different OCAPI IDs for different instances and purposes, for example don’t share the same OCAPI ID across development and production instances.
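A periodic review of OCAPI credentials like the one Linda performs can be partly automated. The following is an added example, not Salesforce tooling: it assumes each instance's OCAPI settings have been exported as JSON using the settings document field names (`clients`, `client_id`, `resources`, `resource_id`, `methods`), and the client IDs, version value and paths are constructed placeholders.

```python
import json

WRITE_METHODS = {"put", "post", "patch", "delete"}

def audit_resources(instance, settings):
    """Flag resource grants broader than least privilege suggests."""
    findings = []
    for client in settings.get("clients", []):
        for res in client.get("resources", []):
            rid = res.get("resource_id", "")
            writes = WRITE_METHODS & {m.lower() for m in res.get("methods", [])}
            if "**" in rid:  # grant matches a whole subtree of resources
                issue = "wildcard path with write methods" if writes else "wildcard path"
                findings.append((instance, client.get("client_id"), rid, issue))
    return findings

def shared_client_ids(settings_by_instance):
    """Return client IDs that are configured on more than one instance."""
    seen = {}
    for instance, settings in settings_by_instance.items():
        for client in settings.get("clients", []):
            seen.setdefault(client.get("client_id"), set()).add(instance)
    return {cid: sorted(inst) for cid, inst in seen.items() if len(inst) > 1}

# Constructed sample settings; every value here is a placeholder.
SAMPLE = {
    "development": json.loads("""{"_v": "23.2", "clients": [
      {"client_id": "EXAMPLE-CLIENT-A", "resources": [
        {"resource_id": "/**", "methods": ["get", "post", "delete"]}]}]}"""),
    "production": json.loads("""{"_v": "23.2", "clients": [
      {"client_id": "EXAMPLE-CLIENT-A", "resources": [
        {"resource_id": "/products/*", "methods": ["get"]}]},
      {"client_id": "EXAMPLE-CLIENT-B", "resources": [
        {"resource_id": "/customers/**", "methods": ["get"]}]}]}"""),
}

def run_audit(settings_by_instance=SAMPLE):
    """Return (resource findings, client IDs shared across instances)."""
    findings = []
    for instance, settings in settings_by_instance.items():
        findings += audit_resources(instance, settings)
    return findings, shared_client_ids(settings_by_instance)

if __name__ == "__main__":
    findings, shared = run_audit()
    for finding in findings:
        print(finding)
    print("shared client IDs:", shared)
```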
Next Steps
In this unit, you learned how merchants and Salesforce share responsibility for a secure storefront. You learned about security assessments, best practices, and how there must be security at every layer of the B2C Commerce architecture. Next, explore multi-factor authentication and SSL certificates.