Salesforce is known for its strong security. Organizations around the world trust it to protect sensitive data and support key business operations. Its solid design and built-in tools make it a leader in cloud security. As a system administrator, you play a key role in keeping this security strong. Security isn’t just about the platform—it’s about how you manage and respond to risks.
To keep your Salesforce org secure, develop good habits. Regularly checking important settings can help you spot risks early, stay compliant, and maintain smooth operations. In this blog, we’ll look at three important areas to review: Login History, Remote Site Settings, and Connected Apps OAuth Usage.
If your Salesforce instance is managed by a third party, it is crucial to regularly engage with them to understand how they are using Remote Site Settings and Connected Apps. They are responsible for explaining their use of these features and clarifying who has access to specific data.
Salesforce Login History: A Vital Component of Your Security Posture
Setup > Login History
The Login History feature is a cornerstone of Salesforce’s security toolkit. It allows you to monitor user login activity, offering insights into access patterns and helping to detect anomalies that could signal potential security threats. Regularly downloading and reviewing this data is essential for identifying unusual behavior and staying ahead of security risks.
Key Features:
- Comprehensive Access Records
- Download up to six months of login history to examine detailed user activity.
- Filter and display up to 20,000 records to focus on specific timeframes or user groups.
- Geolocation Tracking
- View the approximate location of login attempts based on IP addresses.
- Enhance monitoring by including fields like city and postal code in custom views, while being mindful of geolocation accuracy limitations.
Why Regular Reviews Matter:
- Anomaly Detection: Spotting irregular login activity, such as access from unexpected locations or devices, helps mitigate threats.
- Compliance: Periodic audits of login history support adherence to data protection regulations and internal policies.
- Proactive Security: Identify, address trends, and prevent vulnerabilities before they lead to breaches.
By incorporating login history reviews into your routine, you build an environment of vigilance and strengthen your organization’s defenses.
Salesforce Remote Site Settings: Ensuring Secure External Integrations
Setup > Remote Site Settings
Integrating Salesforce with external systems is a common practice that enhances functionality and workflow efficiency. This means that administrators must actively manage these connections to prevent unauthorized data flows. The Remote Site Settings feature allows you to control which external web addresses Salesforce can access, providing a safeguard against unapproved integrations.
Key Features:
- Centralized Access Control
- Display and manage all web addresses that Salesforce is authorized to invoke.
- Add new trusted addresses via the New Remote Site button.
- Integration Oversight
- Monitor existing integrations and evaluate whether they remain necessary and secure.
Why Regular Reviews Matter:
- Risk Management: Outdated or unauthorized remote site entries can expose your organization to data breaches. Regular reviews help remove unnecessary connections.
- Compliance Assurance: Ensuring all external endpoints are legitimate supports alignment with regulatory and internal standards.
- Security Hygiene: Proactively managing remote site settings minimizes the risk of leaks or unauthorized access.
Regularly checking remote site settings helps keep your Salesforce environment secure and running smoothly while managing connections to outside data..
Salesforce Connected Apps OAuth Usage: Strengthening Access Control and Security
Setup > Connected Apps OAuth Usage
Connected apps in Salesforce provide powerful integrations with third-party systems, using OAuth protocols to manage secure access. If your apps are improperly monitored they can become a vulnerability. The Connected Apps OAuth Usage feature allows you to oversee and manage these integrations, ensuring they are authorized and secure.
Key Features:
- Comprehensive App Management
- View all connected apps using OAuth in your Salesforce org.
- Assess app usage and relevance to current workflows.
- Policy Control
- Install apps to define and enforce security policies.
- Block apps to prevent the initiation of new sessions.
- Session Termination
- Immediately block suspicious or unused apps to end all user sessions and minimize risks.
Why Regular Reviews Matter:
- Access Oversight: Ensure only authorized apps can access your Salesforce data, reducing the risk of data sharing with untrusted sources.
- Risk Mitigation: Blocking unused or suspicious apps decreases the attack surface, safeguarding your organization.
- Policy Compliance: Enforcing app-specific security policies ensures regulatory alignment and data integrity.
Integrating these reviews into your routine security checks promotes secure data sharing and reduces potential vulnerabilities across your Salesforce org.
Conclusion
Salesforce offers a robust foundation for secure business operations and administrators unlock the full potential by active monitoring and managing the security settings. Incorporating routine reviews of Login History, Remote Site Settings, and Connected Apps OAuth Usage into your security posture empowers your organization to mitigate risks, maintain compliance, and foster trust in your data environment.
We are serious about your security, contact us if you have any questions or concerns about your environment and we will help you sort through it.
Remember, a secure Salesforce org isn’t just the result of a powerful platform, it is a reflection of a diligent administrator. Stay proactive, stay secure!
If you are interested in more content like this, join the conversation on Linkedin!