Staying Safe in Salesforce

Staying Safe in Salesforce

“What’s with all the Salesforce data breaches and should I be worried?” 😵‍💫

Been hearing that a lot lately and while you shouldn’t be worried, you should definitely be proactive.

First things first – this isn’t a Salesforce platform security issue but an issue with vulnerabilities in some apps that connect to it (or in the way they connect to it).

Just like a home, you can have all the latest protections but if one person forgets to close the door at night, they become a moot point. (Or worse, you give the keys to someone for a specific job and forget to ask it back).

In these cases one person = one connected app.

Why Salesforce? The bigger the company, the bigger the target and with the rise in AI’s ability to be “trained” as “hackers”, an army of AI can be created to attack systems in a way that was previously unthinkable.

Now, the security infrastructure of Salesforce wasn’t the main driver of creating a Salesforce-native solution, but it’s been a huge bonus for both us and our customers in terms of keeping their data safe.

If you are using a connected app, you (might) should know that Salesforce is requiring a security re-auditing process for its connected apps.

So while you’re doing your due diligence and reviewing what's connected, don't be hesitant to reach out to these vendors and ask them what this security re-audit looks like from their end, what the potential for exposure was, and how it’s been mitigated going forward.

If they don’t have a concrete answer for you that can be reviewed by your internal team, you should seriously consider its relevance in your stack.

Don’t let a company’s (hopefully not vibe-coded...) quick fix become your data breach problem.

Review, assess, and monitor.