Get Started with Transaction Security

Learning Objectives

After completing this unit, you’ll be able to:
  • Describe the benefits of Transaction Security.
  • Explain what policies, actions, and notifications are.
  • State use cases for Transaction Security.
Warning

Be careful—Transaction Security is a powerful feature. An incorrect Login Event policy that uses Block as its real-time action locks you out of your org. To prevent this from happening in an org you care about, create a new Trailhead Playground for this module.

What Is Transaction Security?

You’re the Salesforce admin in your organization. You’re juggling users, apps, objects, reports, and everything else. Now your manager adds one more task to that list: make sure no one is using an unsupported browser. On top of that, someone from IT asks you to prevent users from exporting reports with more than a thousand records on them.

Then, a security officer asks you to set up an alert that notifies him when someone runs reports containing sensitive data. How are you supposed to keep tabs on all of this, in addition to everything else you do as an admin?

You don’t: Transaction Security does it for you.

Transaction Security is a feature that monitors Salesforce events in real time to spot potential trouble based on rules you create. With Transaction Security, you can create policies that consist of events, notifications, and actions.

An event is anything that happens in Salesforce, including user clicks, record state changes, and measuring values. Events are immutable and timestamped.

When you create a Transaction Security policy, you first pick a transaction, or event, to watch for, and then you choose actions that are triggered when the event occurs. These rules and actions you create are called policies. Transaction Security policies are created for many use cases, and you can extend them with Apex for customized protection.

Note

To use Transaction Security, you have to first purchase a Salesforce Shield or Salesforce Shield Event Monitoring add-on subscription.

For example, allowing users to export reports with too many records can create a security risk. Let’s say someone exports 1,000 records into an Excel sheet on their desktop, where Salesforce can no longer protect it. The user can sync that file to another system, email the file, or store it on a USB drive that’s easily misplaced.

If you want to keep users from downloading large volumes of data from a report, you need to create a policy for the Report Event. The policy might state that the export should be blocked when a user exports data from a report that processes more than 1,000 rows. You can also set it up so that you are notified if this event occurs.

Here’s an example of the homepage for Transaction Security in an org where some policies have already been created.

List of policies in the main Transaction Security Policies page.

We dive into more details about each column in a bit, but the most important thing to note is the status. The status indicates if the policies are enabled or disabled, so you can tell which are actively running.

These are some of the available event types for Transaction Security policies.

  • API Event for monitoring and protecting all API queries. This prevents unauthorized data exports.
  • List View Event for access to list views. This tracks users’ access to list views from both the UI and API queries.
  • Login Event for monitoring login details. This blocks logins from untrusted locations, unsupported browsers, and specific device types.
  • Report Event for report views and exports. This blocks or requires multi-factor authentication for access to sensitive information or notifies when reports are run or exported.

You can select which actions to take if the policy is triggered.

  • Block the operation.
  • Require a higher level of assurance using multi-factor authentication.
  • Do nothing (this can be useful for testing).
  • Opt in to policy notifications, sent via:
    • Email
    • In-app notification to the Salesforce app
    • Both email and in-app notifications

You can do a lot with Transaction Security. In this module, we focus on an important security use case—preventing a large data export.

Use Case

Your employees who use Salesforce need to view reports and export data. For security purposes, you want to ensure they’re not exporting large amounts of data from reports. This helps minimize the risk of leaking sensitive, competitive, or proprietary data. With Condition Builder, you can use clicks to easily create a policy that automatically blocks report exports when the report includes a large volume of records.

Alternatively, you can implement more complex use cases with an Apex class, which is a self-contained unit of code. You learn how to create both kinds of policies in the next two units. You might not have Apex experience, but we want to show you how to get the most out of this feature so there is some developer work in it. We guide you through each step.
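
To make the Apex route concrete, here is an added example (not code from this unit or from Salesforce) of a condition class for a Report Event policy that is met when an export processes more than 1,000 rows. The class name and threshold constant are hypothetical; it assumes the TxnSecurity.EventCondition interface and the ReportEvent fields RowsProcessed and Operation.

```apex
// Added example: class name and threshold constant are hypothetical.
global class BlockLargeReportExportCondition implements TxnSecurity.EventCondition {

    // Row limit taken from the use case above (more than 1,000 rows).
    private static final Integer MAX_EXPORT_ROWS = 1000;

    // Called by Transaction Security for each monitored event.
    // Returning true means the condition is met, so the action chosen on
    // the policy (block, multi-factor authentication, notification) applies.
    public boolean evaluate(SObject event) {
        switch on event {
            when ReportEvent exportEvent {
                return isLargeExport(exportEvent);
            }
            when null {
                // No event to inspect: take no policy action.
                return false;
            }
            when else {
                // A different event type: take no policy action.
                return false;
            }
        }
    }

    private Boolean isLargeExport(ReportEvent exportEvent) {
        // Assumption: export operations carry Operation values that start
        // with 'ReportExported'; confirm against the ReportEvent field
        // reference for your release.
        String op = exportEvent.Operation;
        if (op == null || !op.startsWith('ReportExported')) {
            return false;
        }
        // Guard against an empty RowsProcessed so the comparison below
        // never runs against null.
        if (exportEvent.RowsProcessed == null) {
            return false;
        }
        return exportEvent.RowsProcessed > MAX_EXPORT_ROWS;
    }
}
```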

These examples are just a few of the things you can do with Transaction Security. Check out the resources included in this unit for more examples.