Skip to main content

Choose the Right Salesforce Security Settings

Learning Objectives

After completing this unit, you’ll be able to:

  • List the built-in security features you can leverage in products built on the Salesforce platform now.
  • Describe how multitenancy protects your org’s security.
  • Explain the difference between monitoring and auditing.

Layers of Security

At Salesforce, we approach security with a defense-in-depth strategy. That means we layer many security controls together, so that if one control fails another will be in place to protect sensitive assets. We believe that protecting Salesforce data is a joint responsibility between Salesforce and our customers, which is why we built many security features into the Salesforce platform. It's our job to enable you and your users to do your jobs efficiently and securely. 

You're a Key Security Team Member

As a Salesforce Admin, you are a part of your company’s Security team. Security is the foundation of the entire Salesforce service, and a key pillar of our #1 value of Trust. We build security into our products while allowing them to be flexible enough to meet the needs of your business.

Many layers of Salesforce security work together to keep your business safe. Security controls like multi-factor authentication (MFA) are available to keep your implementation protected from unauthorized access outside of your company. It’s also important to safeguard your Salesforce data from inappropriate access by your own users. It's our job to keep your data stored where bad actors can’t get to it, and we protect it as it moves across the network. As a Salesforce Admin, it's your responsibility to utilize available security controls, follow Salesforce's security guidance, keep track of your users, and make sure they have the right amount of access within Salesforce.A woman at a laptop surrounded by security and bug icons

Admins can activate features built-in to the platform to make the experience as secure as possible for your company. No security strategy or feature is bulletproof, but shoring up your implementation with these capabilities decreases the likelihood that your org might be compromised, and may help reduce data loss even if it is.

Enabling the built-in features in Salesforce is the best way to quickly give a security boost to your Salesforce org(s). Go ahead and do the easy stuff right away. Criminals don’t let the low-hanging fruit hang. You shouldn’t either! We’ll dig into these features next.

Multitenancy

Salesforce is a multitenant platform: it uses a single pool of computing resources to service the needs of many different customers. Salesforce protects your org’s data from all other customer orgs by using a unique identifier, which is associated with each user’s session. When you log in to your org, your subsequent requests are associated with your org using this identifier.

Salesforce uses some of the most advanced technology for internet security available. When you access the application using a Salesforce-supported browser, Transport Layer Security (TLS) technology protects your information using both server authentication and classic encryption, which ensures that your data is safe, secure, and available only to registered users in your org.

In addition, Salesforce is hosted in secure server environments to prevent interference or access from outside intruders.

Let Users In, Keep Attackers Out with MFA

One powerful way to increase your Salesforce org’s security is to require a second level of authentication when users log in. Multi-factor authentication (MFA) is one of the easiest, most effective ways to help prevent unauthorized account access and safeguard your Salesforce data. We believe MFA is so important that we require it for everyone accessing our products and services. And to help users satisfy this requirement, MFA is a default part of the login process for Salesforce production orgs.

With MFA, users have to provide two or more pieces of evidence—or factors—when they log in. One factor is the user’s username and password combination. For an additional factor, users provide a verification method that confirms their identity, such as an authenticator app or a physical security key. MFA adds an extra layer of protection (in line with the defense-in-depth strategy!) so that even if a user’s credentials are compromised, the user’s account can still be protected.

Admins don’t have to do anything to turn on MFA because it’s automatically part of the login process. And it’s fast and easy for users to get started with MFA—they can simply follow the MFA registration prompts that appear when they log in.

Restrict the IP Addresses Users Can Log In From

For an additional layer of access security, admins can require users to log in to Salesforce from an IP address in an approved range of addresses. This usually means the addresses that belong to your corporate virtual private network (VPN). The goal of this control is to prevent anyone who tries to log in to Salesforce from outside the designated range of addresses from getting in. By combining MFA login requirements with IP address range restrictions, you're adding two additional layers of security to protect your Salesforce accounts from malicious actors. You can also set up trusted IP address ranges for your whole org or for specific user profiles.

Deactivate Former Users

As an admin, you know this better than anyone (well, maybe besides Human Resources): Salesforce users constantly change and shift roles as people leave the company, and new users are added. When a user no longer works for the company, it is the admin's responsibility to promptly remove their access to Salesforce. Deactivate users in a timely fashion so that they can no longer use their Salesforce credentials to log in to your org, which will help you ensure that only authorized users are accessing your org.

Limit What Users Can Do

Several layers of access and control determine “who sees what” and “who can do what” in a Salesforce org. If you have multiple Salesforce orgs, you need to configure these controls separately in each org.

Admins can restrict access to certain types of resources based on the level of security associated with the authentication (login) method for the user’s current session. By default, each login method has one of two security levels: standard or high assurance. You can change the session security level and define policies so that the specified resources are available only to users with a high assurance level.

See What They've Already Done

Field Audit Trail, which is part of the Salesforce Shield add-on, lets you define a policy to retain archived field history data up to 10 years, independent of field history tracking. To learn more about Field Audit Trail, check out the Field Audit Trail Implementation Guide. This feature helps you comply with industry regulations related to audit capability and data retention. The setup audit trail history tracks the recent setup changes that you and other admins have made to your org. Audit history can be especially useful in organizations with multiple administrators.

The Salesforce Who Sees What video series shows how you can control who can do what in your organization.

Even More Security Options with Salesforce Shield

Encrypt Your Data

There are a variety of enhanced security features available in our add-on Salesforce Shield product. Platform Encryption, which is part of Shield, gives your data a whole new layer of security while preserving critical platform functionality. You can protect data at a more granular level than ever before, so your company can confidently comply with privacy policies, regulatory requirements, and contractual obligations for handling private data.

Trigger Automatic Actions on Security Events

Transaction Security policies evaluate activity using events you specify. For each policy, you define real-time actions, such as automatic notifications, blocks to stop specific operations, or the option to end a session. Let’s look at an example.

Your business requires that your employees use Salesforce to view reports and export data. For security purposes, you want to ensure they’re not exporting large amounts of data from reports. This helps minimize the risk of leaking sensitive and proprietary data. You can use Transaction Security's Condition Builder to create a custom policy that automatically blocks report exports when they include a larger volume of records than you allow. 

Monitor Events in Your Org

Event Monitoring allows you to access event log files to track user activity, feature adoption, and troubleshoot issues. You can also integrate the data log with your own data analysis tool. Event Monitoring helps you to detect any anomalies in your Salesforce implementation, which could indicate security risks like a data leak.

Resources

Share your Trailhead feedback over on Salesforce Help.

We'd love to hear about your experience with Trailhead - you can now access the new feedback form anytime from the Salesforce Help site.

Learn More Continue to Share Feedback