Title 1

Top 10 Salesforce Security Best Practices

LABEL

Title 1

1. Activate multi-factor authentication (MFA)

LABEL

Fill in some text

MFA is a secure authentication method that requires users to prove their identity by providing two or more pieces of evidence when they log in.

Title 1

2. Restrict Access using IP ranges

LABEL

Fill in some text

Salesforce works on a multi-tenant architecture, where resources are shared between users with privacy and security. We can restrict authorized users using IP range.

Title 1

3. Restrictive Profile and Permission Sets

LABEL

Fill in some text

We should use read only profile and give permission to users using Permission sets. Multiple permission sets based on user's work profile should be added.

Title 1

4. Secure password management policies

LABEL

Fill in some text

Use all Salesforce recommanded best practices for password management like password expiration, password history and minimum length for passwords.

Title 1

5. Limit the number of failed logins

LABEL

Fill in some text

Set a maximum limit for number of failed login attempts. It can be set as 3 initially and can be reviwed later.

Title 1

6. Run Security Checks

LABEL

Fill in some text

Use Salesforce Security Health Check tool which lets administrators thoroughly assess their instance’s well-being by scanning the settings that ensure its safety.

Title 1

7. Use Salesforce Shield

LABEL

Fill in some text

Salesforce Shield can help admins and developers build a new level of trust and transparency in business-with enhanced encryption, app and data monitoring, and security policy automation

Title 1

8. Perform Regular Backups

LABEL

Fill in some text

Making regular backups will protect important data and metadata, and help make recovery fast and easy. Use effective backup and recovery system.

Title 1

9. Install apps for specific profiles

LABEL

Fill in some text

When installing an app or package, we should select specific user sets. Based on requirement select options 1. Install Admins Only 2. Install for Specific Profiles, 3. Install for All Users

Title 1

10. Secure APIs

LABEL

Fill in some text

Before giving access to any API to third party users, look into its security model. This applies to any third-party integrations like CTI or data enrichment tools,

Title 1

LABEL

Fill in some text

Consider these security best practices to secure your Salesforce Orgs. Thank You

Salesforce Inspector

Fill in some text