Salesforce Data Security Archives - gettectonic.com
Unlocking Enterprise AI Success


Companies are diving into artificial intelligence. Unlocking enterprise AI success depends on four main factors. Tectonic is here to help you address each.

Trust is Important-Trust is Everything

Data is everything—it’s reshaping business models and steering the world through health and economic challenges. But data alone isn’t enough; in fact, it can be worse than useless—it’s a risk unless it’s trustworthy. The solution lies in a data trust strategy: one that maximizes data’s potential to create value while minimizing the risks associated with it.

Data Trust is Declining, Not Improving

Do you believe your company is making its data and data practices more trustworthy? If so, you’re in line with most business leaders. However, there’s a disconnect: consumers don’t share this belief. While 55% of business leaders think consumers trust them with data more than they did two years ago, only 21% of consumers report increased trust in how companies use their data. In fact, 28% say their trust has decreased, and a staggering 76% of global consumers view sharing their data with companies as a “necessary evil.”

For companies that manage to build trust in their data, the benefits are substantial. Yet, only 37% of companies with a formal data valuation process involve privacy teams. Integrating privacy is just one aspect of building data trust, but companies that do so are already more than twice as likely as their peers to report returns on investment from key data-driven initiatives, such as developing new products and services, enhancing workforce effectiveness, and optimizing business operations. To truly excel, companies need to create an ongoing system that continually transforms raw information into trusted, business-critical data.

Data is the Backbone-Data is the Key

Data leaks, such as those described below, are a major factor in data trust and quality. As damaging as leaked data is to security, a lack of data availability is just as damaging to being a data-driven organization.

Extortionist Attack on Costa Rican Government Agencies

In an unprecedented event in April 2022, the extortionist group Conti launched a cyberattack on Costa Rican government agencies, demanding a $20 million ransom. The attack crippled much of the country’s IT infrastructure, leading to a declared state of emergency.

Lapsus$ Attacks on Okta, Nvidia, Microsoft, Samsung, and Other Companies

The Lapsus$ group targeted several major IT companies in 2022, including Okta, Nvidia, Microsoft, and Samsung. Earlier in the year, Okta, known for its account and access management solutions—including multi-factor authentication—was breached.

Attack on Swissport International

Swissport International, a Swiss provider of air cargo and ground handling services operating at 310 airports across 50 countries, was hit by ransomware. The attack caused numerous flight delays and resulted in the theft of 1.6 TB of data, highlighting the severe consequences of such breaches on global logistics.

Attack on Vodafone Portugal

Vodafone Portugal, a major telecommunications operator, suffered a cyberattack that disrupted services nationwide, affecting 4G and 5G networks, SMS messaging, and TV services. With over 4 million cellular subscribers and 3.4 million internet users, the impact was widespread across Portugal.

Data Leak of Indonesian Citizens

In a massive breach, an archive containing data on 105 million Indonesian citizens—about 40% of the country’s population—was put up for sale on a dark web forum. The data, believed to have been stolen from the “General Election Commission,” included full names, birth dates, and other personal information.

The Critical Importance of Accurate Data

There’s no shortage of maxims emphasizing how data has become one of the most vital resources for businesses and organizations. At Tectonic, we agree that the best decisions are driven by accurate and relevant data.
However, we also caution that simply having more data doesn’t necessarily lead to better decision-making. In fact, we argue that data accuracy is far more important than data abundance. Making decisions based on incorrect or irrelevant data is often worse than having too little of the right data. This is why accurate data is crucial, and we’ll explore this concept further in the following sections.

Accurate data is information that truly reflects reality or another source of truth. It can be tested against facts or evidence to verify that it represents something as it actually is, such as a person’s contact details or a location’s coordinates. Accuracy is often confused with precision, but they are distinct concepts. Precision refers to how consistent or varied values are relative to one another, typically measured against some other variable. Thus, data can be accurate, precise, both, or neither.

Another key factor in data accuracy is the time elapsed between when data is produced and when it is collected and used. The shorter this time frame, the more likely the data is to be accurate. As modern businesses integrate data into more aspects of their operations, they stand to gain significant competitive advantages if done correctly. However, this also means there’s more at stake if the data is inaccurate. The following points will highlight why accurate data is critical to various facets of your company.

Ease and speed of access

Access speeds are measured in bytes per second (Bps). Slower devices operate in thousands of Bps (kBps), while faster devices can reach millions of Bps (MBps). For example, a hard drive can read and write data at speeds of 300 MBps, which is 5,000 times faster than a floppy disk!

Fast data refers to data in motion, streaming into applications and computing environments from countless endpoints—ranging from mobile devices and sensor networks to financial transactions, stock tick feeds, logs, retail systems, and telco call routing and authorization systems. Improving data access speeds can significantly enhance operational efficiency by providing timely and accurate data to stakeholders throughout an organization. This can streamline business processes, reduce costs, and boost productivity. However, data access is not just about retrieving information. It plays a crucial role in ensuring data integrity, security, and regulatory compliance. Effective data access strategies help organizations safeguard sensitive information from unauthorized access while making it readily available to those who are authorized. Additionally, the accuracy and availability of data are essential to prevent data


Salesforce and WithSecure

How does a Chief Information Security Officer (CISO) safeguard their organization against malware that uses Salesforce as an entry point into the corporate network? WithSecure™’s CISO faced this exact challenge in 2017 when transitioning from an alternate CRM application to Salesforce.

How to secure data with Salesforce and WithSecure?

During a security audit, our team discovered that content entering and exiting Salesforce was not being scanned, leaving the system vulnerable to cyber threats like malware. Unable to find a suitable solution on the market, we developed our own.

WithSecure™, formerly known as F-Secure, is a leading cybersecurity company in Europe with over 35 years of experience in IT security. We offer a robust portfolio of security products, including an end-to-end cybersecurity suite and dedicated threat hunting and consulting divisions. With ISO 27001 and ISAE 3000 (SOC 2 Type 2) certifications, our technology, cybersecurity laboratories, and scanning engines are world-class. Our experts traveled to San Francisco and partnered with Salesforce to develop a security solution that addressed the identified gap. After internal use for several years, we launched WithSecure™ Cloud Protection for Salesforce globally in 2020.

Salesforce and WithSecure, Secure Your Enterprise

WithSecure™ Cloud Protection for Salesforce is a Salesforce-native security tool. It operates within the Salesforce platform, requiring no special customizations, complex integrations, or external portals. This plug-in solution can be easily downloaded from the Salesforce AppExchange and deployed in under 20 minutes. As an ISV partner for Salesforce, WithSecure™’s tool is fully compatible with and monitored by Salesforce. Our code undergoes regular review by Salesforce to ensure it meets the safety standards for all customers. WithSecure™ Cloud Protection for Salesforce operates efficiently in the cloud without performance overheads.
It scans files and URLs uploaded to your company’s Salesforce cloud storage areas, providing real-time protection tailored for Salesforce environments. When suspicious content is detected, the tool quarantines the file or link while alerting administrators. As your Salesforce project expands, our solution scales seamlessly to offer continuous, real-time visibility into file and URL activity within the evolving ecosystem. Our tool checks link validity in real-time to halt even morphing malicious URLs.

We provide advanced security analytics with comprehensive audit trails, empowering your security team to investigate incidents efficiently. Integration with SIEM and other third-party security systems is straightforward, allowing seamless metadata, alert, and workflow integration.

Discover how leading organizations leverage WithSecure™ Cloud Protection for Salesforce. To learn more, download our latest ebook: “Securing Salesforce: Know Your Responsibilities, Protect Your Data.” Think your Salesforce data is secure? Think again. Learn more about your security responsibilities and how to safeguard your valuable data.

Salesforce Shield Data Monitoring and Encryption

Salesforce Shield

Safeguarding your most sensitive data and proactively addressing evolving compliance and industry regulations through the implementation of Salesforce Shield can result in significant cost savings, as highlighted in Salesforce’s 2022 Top Data Security Trends report. Salesforce Shield was originally launched in 2015.

Shield for Encryption

Salesforce Shield allows you to encrypt your Salesforce data with AES 256-bit encryption at the field level, as well as manage your own encryption keys. The Tectonic team is thrilled to introduce Salesforce Shield—an advanced encryption solution that ensures trusted data monitoring and expedites the security of cloud applications.

Safeguarding with Salesforce Shield

Salesforce Shield can help you protect your apps. Salesforce Shield is a set of security solutions that allows you to incorporate additional layers of trust, compliance, and governance into your mission-critical apps. Shield Platform Encryption, Event Monitoring, and Field Audit Trail are all included. Shield Platform Encryption also supports person accounts, cases, search, approval processes, and other key Salesforce features. Classic encryption lets you protect only a special type of custom text field, which you create for that purpose.

Shield, a comprehensive suite of capabilities, offers an enhanced level of security beyond Salesforce’s default settings. With Salesforce Shield, you can confidently protect sensitive data within your Salesforce environment and maintain that security over time. Salesforce Shield provides protection in four key ways: it blocks unauthorized or unlawful activity, finds and classifies sensitive data quickly, adds additional security to sensitive data, and meets compliance and industry regulations. Working closely with your company, Tectonic will tailor the configuration of Salesforce Shield to align with your specific requirements.
Salesforce Shield’s capabilities span across all Salesforce “cloud” products, offering comprehensive data risk reduction across critical business areas. It provides additional security features beyond standard Salesforce, which is especially valuable for customers dealing with sensitive data or operating in highly regulated industries. Unlike whole disk encryption, Salesforce Shield operates at the field level and for files and attachments. It extends field history tracking, supporting up to 60 fields per object, compared to the standard 20 fields per object.

Event Monitoring Analytics, a component of Salesforce Shield, offers reporting on event monitoring through a pre-built dashboard. Events are logged and displayed, allowing users to monitor trends, analyze user behavior, and ensure data security. Salesforce Shield employs Einstein Data Detect, an automated scanning tool, to identify sensitive data based on predefined patterns, including credit card numbers, emails, social security numbers, URLs, and IP addresses. This tool works seamlessly with platform encryption, indicating which data needs encryption at rest.

Ask Tectonic

For those seeking more information on Salesforce Shield, feel free to reach out to your Tectonic team, Salesforce AE, or consult Salesforce’s guide to Salesforce Shield Implementation.

Does using Salesforce Shield make an organization automatically HIPAA compliant?

No, while Salesforce Shield provides additional security features, customers must still configure it correctly and use it with other security measures to meet their HIPAA obligations.

Which user permissions does Shield platform encryption require?

“While many companies are leveraging the cloud to build apps at the speed of business, those in regulated industries have struggled to take full advantage of the cloud due to regulatory and compliance constraints,” said Tod Nielsen, executive vice president of Salesforce1 Platform, Salesforce.
“With Salesforce Shield, we are liberating these IT leaders and developers, and empowering them to quickly build the cloud apps their businesses need, with the trust Salesforce is known for.”

Salesforce Shield, in collaboration with Tectonic, fortifies your enterprise and Salesforce org by safeguarding sensitive data. Tectonic conducts a data classification exercise to identify fields requiring encryption based on regulatory, security, privacy, and compliance requirements. Isn’t it time your business and data benefited from the protection of Salesforce Shield?


Salesforce Acronyms for General Data Management and Security

Here is a helpful glossary of Salesforce acronyms for General Data Management and Security you will hear.

| Acronym | Meaning | Definition |
| --- | --- | --- |
| 2FA | Two-factor Authentication | Also an extra layer of security that proves a user trying to login to Salesforce is who they say they are. You will have seen this in action when creating/updating your password, and selecting a question (e.g. “City you were born”) and a memorable answer. Note: 2FA has now been broadly replaced by MFA. |
| CASL | Canada Anti-Spam Law | An anti-spam law that applies to all electronic messages (i.e. email, texts) organizations send in connection with a “commercial activity.” Its key feature requires Canadian and global organizations that send commercial electronic messages (CEMs) within, from or to Canada to receive consent from recipients before sending messages. |
| CCPA | California Consumer Privacy Act | Similar to GDPR, CCPA applies to businesses that collect or use personal information of California residents (even if the business is not in California). |
| CORS | Cross-Origin Resource Sharing | “Allows web browsers to request resources from other origins. For example, using CORS, the JavaScript for a web application at https://www.example.com can request a resource from https://www.salesforce.com.” (source). |
| CSP | Content Security Policy | The Lightning Component framework uses CSP to impose restrictions on content. The main objective is to help prevent cross-site scripting and other code injection attacks. |
| GDPR | General Data Protection Regulation | A legal framework that sets guidelines for the collection and processing of personal information from individuals who live in the European Union (EU). |
| HIPAA | Health Insurance Portability and Accountability Act | Ensures that individual health-care plans are accessible, portable and renewable, and it sets the standards and the methods for how medical data is shared across the U.S. health system in order to prevent fraud. |
| HSM | Hardware Security Module | “Used to provide cryptography processing and key management for authentication. Shield Platform Encryption uses HSMs to generate and store secret material, and run the function that derives data encryption keys used by the encryption service to encrypt and decrypt data.” (source). |
| KMS | Shield Key Management Service | “Shield Platform Encryption uses data encryption keys to encrypt and decrypt data. Data encryption keys are derived on the Shield Key Management Service (KMS) using keying material split between a per-release master secret and an org-specific tenant secret stored encrypted in the database.” (source). |
| MFA | Multi-factor Authentication | An extra layer of security that proves a user trying to login to Salesforce is who they say they are. MFA combines something you know (i.e. password) with something you own (i.e. mobile phone). There are Salesforce approved MFA methods (Salesforce Authenticator app, built-in authenticators, security keys). MFA was formerly two-factor authentication or 2FA. |
| PII | Personally Identifiable Information | Any data that can be used to identify a specific individual: social security numbers, mailing or email address, and phone numbers have most commonly been considered PII. For auditing purposes, in Salesforce, Admins can indicate that a field contains PII in the field definition in Salesforce Setup. |
| SCV | Single Customer View | The concept of collating every data point and interaction that an individual (customer, prospect, or partner) has with an organization, accessible from one record. Also referred to as a “360-degree View”, Salesforce launched the “Customer 360” messaging to communicate that the tightly connected Salesforce platform can enable organizations to achieve this rich profile of each individual. |
| SSL | Secure Sockets Layer | “Salesforce certificates and key pairs are used for signatures that verify a request is coming from your organization. They are used for authenticated SSL communications with an external web site, or when using your organization as an Identity Provider.” (source). |
| SSO | Single Sign-on | Sign in to one system, and then be automatically signed into all the rest of the applications you need. Fewer passwords, fewer headaches, less tedium and it should enable you to get on with what you actually intended to do, rather than get bogged with admin stuff such as hunting around for where you put your password hint. |
