Salesforce invests time and resources into keeping their platform secure. They often release security updates and publish information on platform security on Salesforce Trust. While Salesforce works to maintain a secure platform, there are some configurations and settings users must oversee that impact the security of their environments.
The best practices outlined below address Salesforce security settings that may be overlooked or misunderstood. They were outlined by our partner, AppOmni, in their webinar, Salesforce Security Best Practices.
1. Install apps for specific profiles
When installing an app or package, you have the option to select, “Install for All Users,” “Install for Admins Only” or “Install for Specific Profiles.” The “Install for All Users” option means everyone in your Salesforce environment can gain access. This might include partners, vendors or contractors with access to Salesforce.
Once access is provided, it is a manual process to retroactively remove users’ permissions. The more secure path is to begin with more restricted access and gradually expand. This is accomplished by installing the app only for specific profiles and setting the default access for all users to “no access.” You can then add additional profiles and users as necessary.
A security posture management tool, like AppOmni, can help you review all users and their level of access from a single page. It can also assist with managing permissions for specific profiles.
2. Secure data within packages by monitoring settings during installation
When installing packages, users can select from the following settings: “Managed” or “Unmanaged,” and, “Public” or “Protected.” The “Managed” option allows you to create a “Custom Namespace” for your package. This will store any components, Visualforce pages, classes or credentials associated with the package in a unique Namespace. The “Unmanaged” setting stores those items in the default or local Namespace.
Next, the “Public” or “Protected” settings impact whether users and apps outside the package can read the data within. “Public” provides access to any user. “Protected” ensures only users and components within the Namespace can access.
Setting the package to “Managed” and “Protected” is the best practice. This means that a custom Namespace will be created for the package and only those users and apps with permissions for the package can access the data within.
3. Encrypt API calls
Integrating Salesforce with other systems can greatly enhance your CRM data while aligning different departments in the organization. When configuring integrations, developers will often use unencrypted http for testing and troubleshooting. This allows them to look within the API call to ensure the integration is functioning properly.
When the insecure http is not disabled, this can leave sensitive information vulnerable to outside access. Other parties may be able to read and store records within the unencrypted API calls which often include login credentials or an OAuth token.
To prevent this, ensure “Disable Protocol Security” is not selected on any integrations. You can find this setting under Setup, “Remote Site Settings” (select Details for a specific endpoint). This option does not appear in Lightning; so, be sure to toggle to Classic.
4. Implement security updates when available
Often, admins will delay installing security updates because of the potential impact on end users. By testing updates in Sandbox, you can deploy these changes more confidently and timely. Test automation tools, like AppOmni, can help speed up this process. AppOmni can verify users’ accessibility to services and data is preserved and maintained as planned.
5. Avoid controlling access by hiding fields for specific users
Sometimes, it can seem easier to initially provide your users with broad access to objects and fields. Then, you may try to hide certain data by limiting fields’ visibility for certain profiles.
But, hiding a field does not remove a user’s underlying access. They may still be able to view the information by creating a report or through a data export. Integrated apps may also be able to read data within hidden fields.
The best-practice approach is to control access by granting certain profiles or users permissions to objects and fields. Editing visibility on page layouts may still make it possible for users to view data through other means.
Implementing these best practices can help protect your customers’ information, as well as proprietary data unique to your business. Leveraging an SSPM platform, like AppOmni, can help your team implement these strategies and continuously monitor security protocols across multiple Salesforce environments. AppOmni scans your users, integrations and configuration settings (over 225 of them) to ensure they align with your security policies.