SlideShare uma empresa Scribd logo

[Delivering Salesforce secure access to remote workforce

A
Anna Loughnan Colquhoun

Salesforce Wellington presentation by Tomasz O.

Tecnologia
1 de 27
Baixar para ler offline
Ensure Salesforce Secure Access for Your Remote Workforce Salesforce COVID-19 Global Response April 2020 SCPPE Team
Forward-Looking Statement Statement under the Private Securities Litigation Reform Act of 1995: This presentation contains forward-looking statements about the company’s financial and operating results, which may include expected GAAP and non-GAAP financial and other operating and non-operating results, including revenue, net income, diluted earnings per share, operating cash flow growth, operating margin improvement, expected revenue growth, expected current remaining performance obligation growth, expected tax rates, the one-time accounting non-cash charge that was incurred in connection with the Salesforce.org combination; stock-based compensation expenses, amortization of purchased intangibles, shares outstanding, market growth and sustainability goals. The achievement or success of the matters covered by such forward-looking statements involves risks, uncertainties and assumptions. If any such risks or uncertainties materialize or if any of the assumptions prove incorrect, the company’s results could differ materially from the results expressed or implied by the forward-looking statements we make. The risks and uncertainties referred to above include -- but are not limited to -- risks associated with the effect of general economic and market conditions; the impact of geopolitical events; the impact of foreign currency exchange rate and interest rate fluctuations on our results; our business strategy and our plan to build our business, including our strategy to be the leading provider of enterprise cloud computing applications and platforms; the pace of change and innovation in enterprise cloud computing services; the seasonal nature of our sales cycles; the competitive nature of the market in which we participate; our international expansion strategy; the demands on our personnel and infrastructure resulting from significant growth in our customer base and operations, including as a result of acquisitions; our service performance and security, including the resources and costs required to avoid unanticipated downtime and prevent, detect and remediate potential security breaches; the expenses associated with new data centers and third-party infrastructure providers; additional data center capacity; real estate and office facilities space; our operating results and cash flows; new services and product features, including any efforts to expand our services beyond the CRM market; our strategy of acquiring or making investments in complementary businesses, joint ventures, services, technologies and intellectual property rights; the performance and fair value of our investments in complementary businesses through our strategic investment portfolio; our ability to realize the benefits from strategic partnerships, joint ventures and investments; the impact of future gains or losses from our strategic investment portfolio, including gains or losses from overall market conditions that may affect the publicly traded companies within the company's strategic investment portfolio; our ability to execute our business plans; our ability to successfully integrate acquired businesses and technologies, including delays related to the integration of Tableau due to regulatory review by the United Kingdom Competition and Markets Authority; our ability to continue to grow unearned revenue and remaining performance obligation; our ability to protect our intellectual property rights; our ability to develop our brands; our reliance on third-party hardware, software and platform providers; our dependency on the development and maintenance of the infrastructure of the Internet; the effect of evolving domestic and foreign government regulations, including those related to the provision of services on the Internet, those related to accessing the Internet, and those addressing data privacy, cross-border data transfers and import and export controls; the valuation of our deferred tax assets and the release of related valuation allowances; the potential availability of additional tax assets in the future; the impact of new accounting pronouncements and tax laws; uncertainties affecting our ability to estimate our tax rate; the impact of expensing stock options and other equity awards; the sufficiency of our capital resources; factors related to our outstanding debt, revolving credit facility, term loan and loan associated with 50 Fremont; compliance with our debt covenants and lease obligations; current and potential litigation involving us; and the impact of climate change. Further information on these and other factors that could affect the company’s financial results is included in the reports on Forms 10-K, 10-Q and 8-K and in other filings it makes with the Securities and Exchange Commission from time to time. These documents are available on the SEC Filings section of the Investor Information section of the company’s website at www.salesforce.com/investor. Salesforce.com, inc. assumes no obligation and does not intend to update these forward-looking statements, except as required by law.
Healthcare and Life Sciences Go-To-Market Agenda 01 Introduction 02 Get to Know Secure Access Domains 03 04 Additional Features Q&A and Resources
Healthcare and Life Sciences Go-To-Market Introduction
The COVID-19 Company Workforce Challenge Extending Access Points Sharing Best Practices Secure and monitor access controls Overcome current objections We’re here to help Salesforce customers design and deploy remote workforce access.
Business or Salesforce Administrators What admins find in their remote workforce assessment Small to medium number of Salesforce users Users accessing Salesforce from home Part-time or full-timeSalesforce Administrator Admins need to learn about security features to control access
Healthcare and Life Sciences Go-To-Market Get to Know Secure Access Domains
Secure Access Domains How to ensure secure access and report on activity 1 Access Users can access Salesforce securely from home. 2 Authentication 3 Device 4 Monitoring Only authorised users log in. Allows access from home (personal hardware), and is not compromised by virus, malware, or keyloggers. Assurance that you can report on user activity.
Remote Location Access Checklist ACCESS Login IP Ranges (Profile) Login Hours (Profile) Ensure Single-Sign On (SSO) is accessible outside the office, using webSSO US Export Control Note: No access from Cuba, Iran, North Korea, Sudan, Syria or the region of Crimea
1. Specify a range of allowed IP addresses on a user’s profile to control access 2. Relax IP restriction and use other controls (such as 2FA) 3. Restrict IP range for integration 4. Create clear documentation IP Range Restriction ACCESS Resources: Knowledge Article Google search “What is my IP?” Go to Setup, Profile, “any profile”, and select Login IP Ranges
1. Specify the hours when users can log in, based on the user profile 2. Consider relaxing work hours due to the nature of work at this time 3. Document reasons for any changes Login Hours Restriction ACCESS Resources: Knowledge Article
Allowing Authorised Users Identity Verification using a 6 digit pin vs SMS or email Non-web logins (Outlook plugin, 3rd party app, API) - Use a security token if outside Trusted IP Range (append to the end of the password) 2FA (Two-Factor Authentication) - Use another device to confirm login - Salesforce Authenticator or any standard 2FA apps provided by Google or Microsoft - Can be part of your login flow Login Flow - Prevents multiple logins AUTHENTICATION
1. Do not include remote IPs 2. Create clear documentation Trusted IP Ranges AUTHENTICATION Resources: Knowledge Article If a user tries to login from an IP address, device, or browser that Salesforce does not recognise, an activation code is required.
1. Verify desktop or API login from a non-trusted range 2. Required when outside trusted IP 3. Reset password if received unknown token reset email Security Token for API Login AUTHENTICATION Resources: Knowledge Article Password Best Practices: Strong computer generated code, 24 characters Append to the password, such as mypasswordXXXXXXXXXX
1. Require 2FA for every login 2. Use increased authentication (“high assurance”) in Session Settings to secure resources, such as a connected app or reports 3. Use Login Flows to build post-authentication requirements as the user logs in or custom 2FA (sms) Salesforce Authenticator mobile app for Android and iOS Go to Setup and select Session Settings Two-Factor Authentication AUTHENTICATION Resources: Knowledge Article How-to Video Best Practices: A “Must-Have” for all Salesforce Administrator Accounts
1. Collect and update user data ○ Emergency contact number, etc. 2. Implement Notice Board 3. Use stronger authentication ○ Prevents multiple logins ○ Detects and restricts suspicious IP addresses ○ Implements SMS, biometric, or other authentication techniques 4. Monitoring ○ Send a notification every time a user logs in outside working hours Login Flows AUTHENTICATION Resources: Knowledge Article Best Practices: Great for unique use cases Use Declarative before code Build post-authentication processes to match your business practices Notice Board
Challenges: Allowing Access for Specific Devices HOME VS. PUBLICNETWORK VIRUSES, MALWARE, AND PHISHING DEVICES ● Viruses are the user’s responsibility, attachments can’t spread within Salesforce app ● Malware is the user’s responsibility and Salesforce CSIRT can detect ● Phishing - See Access (Identity Verification, 2FA, SSO) ● For home networks, update Operating System (OS) browser and AV software ● Avoid public access points (Internet Cafe, free WiFi) Best Practices: Keep browser and operating systems up-to-date Define the security contact on your help and training
Login history ● Org or User level ● Last six months ● Post-login, reactive ● Knowledge Article Login flows ● Custom logic ● At login level, not applicable to specific business events ● Knowledge Article Event monitoring with Transaction Security (Add-on) ● Real-time detection and prevention of specific business events, such as data export and lead conversion ● Add-on license ● Knowledge Article Reporting on user logins MONITORING Org Level User Level Best Practices: ● Review login history weekly ● Look for failed logins ● Evaluate event monitoring add-on
Additional Features
Single Sign-on (SSO) ● Lets users access multiple applications with one sign on ● Convenient for users and IT, but comes with the risk of having a single point of failure ● We recommend two-factor authentication (2FA) or multifactor authentication (MFA)
Session-based Permission Sets ● Allows only functional access during a predefined session type ● Use case: ○ A web application that accesses confidential information ○ Use a session-based permission set with a token to limit user access for a predetermined length of time ○ When the token expires, users must reauthenticate to access the application again Resources: Knowledge Article
Q&A
Secure Access Core Resources Trailhead: Secure Your Users' Identity Help and Training: Restrict Where and When Users Can Log In to Salesforce Salesforce Developer Site: Salesforce Security Guide Videos: YouTube Salesforce Channel (for instance, search for 2FA)
Introducing Salesforce Care Solutions NEW Rapid Response for Employee & Customer Support includes: myTrailhead, Employee Community, Customer Community, Agent Console, and Premier Success NEW Social Community Engagement Work From Home with Quip Tableau COVID-19 Data Hub Care Response Solution for Healthcare Systems* includes: Health Cloud, Salesforce Shield, Salesforce Communities, and myTrailhead NEW Philanthropy Cloud available in the US only for rallying employees around their communities through giving campaigns plus virtual or skills-based volunteering NEW Essentials free for 3 months up to 10 users, worldwide NEW Tableau Desktop free for 3 months up to 10 users, worldwide Salesforce Care Ecosystem: AppExchange Resource Center Includes Access to Customer Success Resources Employees & Customers Industries Small Business *Specifically for for emergency response teams, call centers, and care management teams at health systems affected by coronavirus
TRAILBLAZER INNOVATION REGIONAL SUCCESS PRODUCT SUCCESS CUSTOMER SUCCESS HUB APAC (English) EMEA (English) Deutsch Español Français Português 日本 Join our family (Ohana) of Customer Success groups in the Trailblazer Community!! Official groups featuring Blaze are the best places for Trailblazers to connect, learn, get inspired and stay up to date on the latest customer success resources – all in your own language and region. Start Here success.salesforce.com > Featured Groups
[Delivering Salesforce secure access to remote workforce

Recomendados

TDX Global Gathering - Wellington UG
TDX Global Gathering - Wellington UGTDX Global Gathering - Wellington UG
TDX Global Gathering - Wellington UG
Stephan Chandler-Garcia
 
Experience cloud for salesforce user group wellington may 2021
Experience cloud for salesforce user group wellington may 2021Experience cloud for salesforce user group wellington may 2021
Experience cloud for salesforce user group wellington may 2021
Anna Loughnan Colquhoun
 
Dreamforce 2019: Do More Within Salesforce Governor Limits using Platform Events
Dreamforce 2019: Do More Within Salesforce Governor Limits using Platform EventsDreamforce 2019: Do More Within Salesforce Governor Limits using Platform Events
Dreamforce 2019: Do More Within Salesforce Governor Limits using Platform Events
Roy Gilad
 
How to Use Salesforce Platform Events to Help With Salesforce Limits
How to Use Salesforce Platform Events to Help With Salesforce LimitsHow to Use Salesforce Platform Events to Help With Salesforce Limits
How to Use Salesforce Platform Events to Help With Salesforce Limits
Roy Gilad
 
Apply the Salesforce CLI To Everyday Problems
Apply the Salesforce CLI To Everyday ProblemsApply the Salesforce CLI To Everyday Problems
Apply the Salesforce CLI To Everyday Problems
Peter Chittum
 
Salesforce Spring'20 Features
Salesforce Spring'20 FeaturesSalesforce Spring'20 Features
Salesforce Spring'20 Features
Bordeaux Salesforce Developer Group
 
Wellington Salesforce Trailblazer Community August 2021 Virtual Meeting with ...
Wellington Salesforce Trailblazer Community August 2021 Virtual Meeting with ...Wellington Salesforce Trailblazer Community August 2021 Virtual Meeting with ...
Wellington Salesforce Trailblazer Community August 2021 Virtual Meeting with ...
Anna Loughnan Colquhoun
 
Introduction to Mulesoft and Salesforce Spring '19 release features
Introduction to Mulesoft and Salesforce Spring '19 release featuresIntroduction to Mulesoft and Salesforce Spring '19 release features
Introduction to Mulesoft and Salesforce Spring '19 release features
Bordeaux Salesforce Developer Group
 

Recomendados

TDX Global Gathering - Wellington UG
TDX Global Gathering - Wellington UGTDX Global Gathering - Wellington UG
TDX Global Gathering - Wellington UG
Stephan Chandler-Garcia
 
Experience cloud for salesforce user group wellington may 2021
Experience cloud for salesforce user group wellington may 2021Experience cloud for salesforce user group wellington may 2021
Experience cloud for salesforce user group wellington may 2021
Anna Loughnan Colquhoun
 
Dreamforce 2019: Do More Within Salesforce Governor Limits using Platform Events
Dreamforce 2019: Do More Within Salesforce Governor Limits using Platform EventsDreamforce 2019: Do More Within Salesforce Governor Limits using Platform Events
Dreamforce 2019: Do More Within Salesforce Governor Limits using Platform Events
Roy Gilad
 
How to Use Salesforce Platform Events to Help With Salesforce Limits
How to Use Salesforce Platform Events to Help With Salesforce LimitsHow to Use Salesforce Platform Events to Help With Salesforce Limits
How to Use Salesforce Platform Events to Help With Salesforce Limits
Roy Gilad
 
Apply the Salesforce CLI To Everyday Problems
Apply the Salesforce CLI To Everyday ProblemsApply the Salesforce CLI To Everyday Problems
Apply the Salesforce CLI To Everyday Problems
Peter Chittum
 
Salesforce Spring'20 Features
Salesforce Spring'20 FeaturesSalesforce Spring'20 Features
Salesforce Spring'20 Features
Bordeaux Salesforce Developer Group
 
Wellington Salesforce Trailblazer Community August 2021 Virtual Meeting with ...
Wellington Salesforce Trailblazer Community August 2021 Virtual Meeting with ...Wellington Salesforce Trailblazer Community August 2021 Virtual Meeting with ...
Wellington Salesforce Trailblazer Community August 2021 Virtual Meeting with ...
Anna Loughnan Colquhoun
 
Introduction to Mulesoft and Salesforce Spring '19 release features
Introduction to Mulesoft and Salesforce Spring '19 release featuresIntroduction to Mulesoft and Salesforce Spring '19 release features
Introduction to Mulesoft and Salesforce Spring '19 release features
Bordeaux Salesforce Developer Group
 
Winter 21 Developer Highlights for Salesforce
Winter 21 Developer Highlights for SalesforceWinter 21 Developer Highlights for Salesforce
Winter 21 Developer Highlights for Salesforce
Peter Chittum
 
Salesforce Spring '21 - Release Overview
Salesforce Spring '21 - Release OverviewSalesforce Spring '21 - Release Overview
Salesforce Spring '21 - Release Overview
Bordeaux Salesforce Developer Group
 
Salesforce for Platform
Salesforce for PlatformSalesforce for Platform
Salesforce for Platform
Sebastian Wieland
 
Summer '20 preview release overview-deck
Summer '20 preview release overview-deckSummer '20 preview release overview-deck
Summer '20 preview release overview-deck
Alan Thomas Payne
 
Release Winter 22 FR
Release Winter 22 FRRelease Winter 22 FR
Release Winter 22 FR
Thierry TROUIN ☁
 
Bangkok Admin Group TrailheaDX 2020 Global Gathering v2
Bangkok Admin Group TrailheaDX 2020 Global Gathering v2Bangkok Admin Group TrailheaDX 2020 Global Gathering v2
Bangkok Admin Group TrailheaDX 2020 Global Gathering v2
Jihun Jung
 
Los Angeles Admin Trailblazer Community Group TrailheaDX 2020 Global Gatherin...
Los Angeles Admin Trailblazer Community Group TrailheaDX 2020 Global Gatherin...Los Angeles Admin Trailblazer Community Group TrailheaDX 2020 Global Gatherin...
Los Angeles Admin Trailblazer Community Group TrailheaDX 2020 Global Gatherin...
Russell Feldman
 
summer21-fr
summer21-frsummer21-fr
summer21-fr
Thierry TROUIN ☁
 
Winter '22 highlights
Winter '22 highlightsWinter '22 highlights
Winter '22 highlights
AtaullahKhan31
 
#ImpactSalesforceSaturday: Prepare for Salesforce Certified Heroku Architectu...
#ImpactSalesforceSaturday: Prepare for Salesforce Certified Heroku Architectu...#ImpactSalesforceSaturday: Prepare for Salesforce Certified Heroku Architectu...
#ImpactSalesforceSaturday: Prepare for Salesforce Certified Heroku Architectu...
New Delhi Salesforce Developer Group
 
Maximize Apex Performance with Platform Cache
Maximize Apex Performance with Platform CacheMaximize Apex Performance with Platform Cache
Maximize Apex Performance with Platform Cache
Adam Olshansky
 
Trusted Reliability & Performance with the AppExchange Platform
Trusted Reliability & Performance with the AppExchange PlatformTrusted Reliability & Performance with the AppExchange Platform
Trusted Reliability & Performance with the AppExchange Platform
dreamforce2006
 
Business Mashups Best of the Web APIs
Business Mashups Best of the Web APIsBusiness Mashups Best of the Web APIs
Business Mashups Best of the Web APIs
dreamforce2006
 
Einstein, not Frankenstein - Understanding Salesforce Artificial Intelligence
Einstein, not Frankenstein - Understanding Salesforce Artificial IntelligenceEinstein, not Frankenstein - Understanding Salesforce Artificial Intelligence
Einstein, not Frankenstein - Understanding Salesforce Artificial Intelligence
Roy Gilad
 
Unleash the Potential of Big Data on Salesforce
Unleash the Potential of Big Data on SalesforceUnleash the Potential of Big Data on Salesforce
Unleash the Potential of Big Data on Salesforce
Dreamforce
 
Hybrid IT: The Importance of Integration to Salesforce Success
Hybrid IT: The Importance of Integration to Salesforce SuccessHybrid IT: The Importance of Integration to Salesforce Success
Hybrid IT: The Importance of Integration to Salesforce Success
Darren Cunningham
 
Expert Hour: Salesforce integration tools - why, what & how?
Expert Hour: Salesforce integration tools - why, what & how?Expert Hour: Salesforce integration tools - why, what & how?
Expert Hour: Salesforce integration tools - why, what & how?
Geraldine Gray
 
The Power of Salesforce APIs World Tour Edition
The Power of Salesforce APIs World Tour EditionThe Power of Salesforce APIs World Tour Edition
The Power of Salesforce APIs World Tour Edition
Peter Chittum
 
Stephen's 10 ish favourite spring'20 features
Stephen's 10 ish favourite spring'20 featuresStephen's 10 ish favourite spring'20 features
Stephen's 10 ish favourite spring'20 features
Auckland Salesforce User Group
 
Admin Best Practices: Remove Security Risk From Your Org with a User Audit
Admin Best Practices: Remove Security Risk From Your Org with a User AuditAdmin Best Practices: Remove Security Risk From Your Org with a User Audit
Admin Best Practices: Remove Security Risk From Your Org with a User Audit
Salesforce Admins
 
10 Easy Steps to Mastering Org Security
10 Easy Steps to Mastering Org Security10 Easy Steps to Mastering Org Security
10 Easy Steps to Mastering Org Security
Salesforce Admins
 
Deep dive into salesforce connected app part 1
Deep dive into salesforce connected app part 1Deep dive into salesforce connected app part 1
Deep dive into salesforce connected app part 1
Mohith Shrivastava
 

Mais conteúdo relacionado

Mais procurados

Release Winter 22 FR
Release Winter 22 FRRelease Winter 22 FR
Release Winter 22 FR
Thierry TROUIN ☁
 
#ImpactSalesforceSaturday: Prepare for Salesforce Certified Heroku Architectu...
#ImpactSalesforceSaturday: Prepare for Salesforce Certified Heroku Architectu...#ImpactSalesforceSaturday: Prepare for Salesforce Certified Heroku Architectu...
#ImpactSalesforceSaturday: Prepare for Salesforce Certified Heroku Architectu...
New Delhi Salesforce Developer Group
 
Trusted Reliability & Performance with the AppExchange Platform
Trusted Reliability & Performance with the AppExchange PlatformTrusted Reliability & Performance with the AppExchange Platform
Trusted Reliability & Performance with the AppExchange Platform
dreamforce2006
 
Business Mashups Best of the Web APIs
Business Mashups Best of the Web APIsBusiness Mashups Best of the Web APIs
Business Mashups Best of the Web APIs
dreamforce2006
 

Mais procurados (19)

Winter 21 Developer Highlights for Salesforce
Winter 21 Developer Highlights for SalesforceWinter 21 Developer Highlights for Salesforce
Winter 21 Developer Highlights for Salesforce
 
Salesforce Spring '21 - Release Overview
Salesforce Spring '21 - Release OverviewSalesforce Spring '21 - Release Overview
Salesforce Spring '21 - Release Overview
 
Salesforce for Platform
Salesforce for PlatformSalesforce for Platform
Salesforce for Platform
 
Summer '20 preview release overview-deck
Summer '20 preview release overview-deckSummer '20 preview release overview-deck
Summer '20 preview release overview-deck
 
Release Winter 22 FR
Release Winter 22 FRRelease Winter 22 FR
Release Winter 22 FR
 
Bangkok Admin Group TrailheaDX 2020 Global Gathering v2
Bangkok Admin Group TrailheaDX 2020 Global Gathering v2Bangkok Admin Group TrailheaDX 2020 Global Gathering v2
Bangkok Admin Group TrailheaDX 2020 Global Gathering v2
 
Los Angeles Admin Trailblazer Community Group TrailheaDX 2020 Global Gatherin...
Los Angeles Admin Trailblazer Community Group TrailheaDX 2020 Global Gatherin...Los Angeles Admin Trailblazer Community Group TrailheaDX 2020 Global Gatherin...
Los Angeles Admin Trailblazer Community Group TrailheaDX 2020 Global Gatherin...
 
summer21-fr
summer21-frsummer21-fr
summer21-fr
 
Winter '22 highlights
Winter '22 highlightsWinter '22 highlights
Winter '22 highlights
 
#ImpactSalesforceSaturday: Prepare for Salesforce Certified Heroku Architectu...
#ImpactSalesforceSaturday: Prepare for Salesforce Certified Heroku Architectu...#ImpactSalesforceSaturday: Prepare for Salesforce Certified Heroku Architectu...
#ImpactSalesforceSaturday: Prepare for Salesforce Certified Heroku Architectu...
 
Maximize Apex Performance with Platform Cache
Maximize Apex Performance with Platform CacheMaximize Apex Performance with Platform Cache
Maximize Apex Performance with Platform Cache
 
Trusted Reliability & Performance with the AppExchange Platform
Trusted Reliability & Performance with the AppExchange PlatformTrusted Reliability & Performance with the AppExchange Platform
Trusted Reliability & Performance with the AppExchange Platform
 
Business Mashups Best of the Web APIs
Business Mashups Best of the Web APIsBusiness Mashups Best of the Web APIs
Business Mashups Best of the Web APIs
 
Einstein, not Frankenstein - Understanding Salesforce Artificial Intelligence
Einstein, not Frankenstein - Understanding Salesforce Artificial IntelligenceEinstein, not Frankenstein - Understanding Salesforce Artificial Intelligence
Einstein, not Frankenstein - Understanding Salesforce Artificial Intelligence
 
Unleash the Potential of Big Data on Salesforce
Unleash the Potential of Big Data on SalesforceUnleash the Potential of Big Data on Salesforce
Unleash the Potential of Big Data on Salesforce
 
Hybrid IT: The Importance of Integration to Salesforce Success
Hybrid IT: The Importance of Integration to Salesforce SuccessHybrid IT: The Importance of Integration to Salesforce Success
Hybrid IT: The Importance of Integration to Salesforce Success
 
Expert Hour: Salesforce integration tools - why, what & how?
Expert Hour: Salesforce integration tools - why, what & how?Expert Hour: Salesforce integration tools - why, what & how?
Expert Hour: Salesforce integration tools - why, what & how?
 
The Power of Salesforce APIs World Tour Edition
The Power of Salesforce APIs World Tour EditionThe Power of Salesforce APIs World Tour Edition
The Power of Salesforce APIs World Tour Edition
 
Stephen's 10 ish favourite spring'20 features
Stephen's 10 ish favourite spring'20 featuresStephen's 10 ish favourite spring'20 features
Stephen's 10 ish favourite spring'20 features
 

Semelhante a [Delivering Salesforce secure access to remote workforce

Alba Rivas - Building Slack Applications with Bolt.js.pdf
Alba Rivas - Building Slack Applications with Bolt.js.pdfAlba Rivas - Building Slack Applications with Bolt.js.pdf
Alba Rivas - Building Slack Applications with Bolt.js.pdf
MarkPawlikowski2
 
Dreamforce 2019 Five Reasons Why CLI Plugins are a Salesforce Partners Secret...
Dreamforce 2019 Five Reasons Why CLI Plugins are a Salesforce Partners Secret...Dreamforce 2019 Five Reasons Why CLI Plugins are a Salesforce Partners Secret...
Dreamforce 2019 Five Reasons Why CLI Plugins are a Salesforce Partners Secret...
Vivek Chawla
 

Semelhante a [Delivering Salesforce secure access to remote workforce (20)

Admin Best Practices: Remove Security Risk From Your Org with a User Audit
Admin Best Practices: Remove Security Risk From Your Org with a User AuditAdmin Best Practices: Remove Security Risk From Your Org with a User Audit
Admin Best Practices: Remove Security Risk From Your Org with a User Audit
 
10 Easy Steps to Mastering Org Security
10 Easy Steps to Mastering Org Security10 Easy Steps to Mastering Org Security
10 Easy Steps to Mastering Org Security
 
Deep dive into salesforce connected app part 1
Deep dive into salesforce connected app part 1Deep dive into salesforce connected app part 1
Deep dive into salesforce connected app part 1
 
Essential Habits for Salesforce Admins: Security
Essential Habits for Salesforce Admins: SecurityEssential Habits for Salesforce Admins: Security
Essential Habits for Salesforce Admins: Security
 
What’s new in summer’15 release - Security & Compliance
What’s new in summer’15 release - Security & ComplianceWhat’s new in summer’15 release - Security & Compliance
What’s new in summer’15 release - Security & Compliance
 
What’s new in summer’15 release - Security & Compliance
What’s new in summer’15 release - Security & ComplianceWhat’s new in summer’15 release - Security & Compliance
What’s new in summer’15 release - Security & Compliance
 
Dreamforce Global Gathering
Dreamforce Global GatheringDreamforce Global Gathering
Dreamforce Global Gathering
 
Salesforce Sydney Trailblazer User Group Global Gathering Dreamforce ‘19 High...
Salesforce Sydney Trailblazer User Group Global Gathering Dreamforce ‘19 High...Salesforce Sydney Trailblazer User Group Global Gathering Dreamforce ‘19 High...
Salesforce Sydney Trailblazer User Group Global Gathering Dreamforce ‘19 High...
 
Delivering powerful integrations without code using out-of-the-box Salesforce...
Delivering powerful integrations without code using out-of-the-box Salesforce...Delivering powerful integrations without code using out-of-the-box Salesforce...
Delivering powerful integrations without code using out-of-the-box Salesforce...
 
Let's Learn About Heroku and How to Integrate with Salesforce
Let's Learn About Heroku and How to Integrate with SalesforceLet's Learn About Heroku and How to Integrate with Salesforce
Let's Learn About Heroku and How to Integrate with Salesforce
 
Essential Habits for New Admins
Essential Habits for New AdminsEssential Habits for New Admins
Essential Habits for New Admins
 
Salesforce Backup, Restore & Archiving- Adam Best, Senior Program Architect
Salesforce Backup, Restore & Archiving- Adam Best, Senior Program ArchitectSalesforce Backup, Restore & Archiving- Adam Best, Senior Program Architect
Salesforce Backup, Restore & Archiving- Adam Best, Senior Program Architect
 
Trailhead Live: Essential Habits & Core Admin Responsibilities
Trailhead Live: Essential Habits & Core Admin ResponsibilitiesTrailhead Live: Essential Habits & Core Admin Responsibilities
Trailhead Live: Essential Habits & Core Admin Responsibilities
 
Alba Rivas - Building Slack Applications with Bolt.js.pdf
Alba Rivas - Building Slack Applications with Bolt.js.pdfAlba Rivas - Building Slack Applications with Bolt.js.pdf
Alba Rivas - Building Slack Applications with Bolt.js.pdf
 
WT19: Platform Events Are for Admins Too!
WT19: Platform Events Are for Admins Too! WT19: Platform Events Are for Admins Too!
WT19: Platform Events Are for Admins Too!
 
Dreamforce 2019 Five Reasons Why CLI Plugins are a Salesforce Partners Secret...
Dreamforce 2019 Five Reasons Why CLI Plugins are a Salesforce Partners Secret...Dreamforce 2019 Five Reasons Why CLI Plugins are a Salesforce Partners Secret...
Dreamforce 2019 Five Reasons Why CLI Plugins are a Salesforce Partners Secret...
 
Release spring '22 - Community Groups français
Release spring '22 - Community Groups françaisRelease spring '22 - Community Groups français
Release spring '22 - Community Groups français
 
Single Sign-On and User Provisioning with Salesforce Identity
Single Sign-On and User Provisioning with Salesforce IdentitySingle Sign-On and User Provisioning with Salesforce Identity
Single Sign-On and User Provisioning with Salesforce Identity
 
Admin Best Practices: Explore the Power of Data with Tableau
Admin Best Practices: Explore the Power of Data with TableauAdmin Best Practices: Explore the Power of Data with Tableau
Admin Best Practices: Explore the Power of Data with Tableau
 
Admin Best Practices: 3 Steps to Seamless Deployments
Admin Best Practices: 3 Steps to Seamless DeploymentsAdmin Best Practices: 3 Steps to Seamless Deployments
Admin Best Practices: 3 Steps to Seamless Deployments
 

Mais de Anna Loughnan Colquhoun

Mais de Anna Loughnan Colquhoun (20)

Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Anna Loughnan Top 10 Salesforce Apps for Christchurch Salesforce user group M...
Anna Loughnan Top 10 Salesforce Apps for Christchurch Salesforce user group M...Anna Loughnan Top 10 Salesforce Apps for Christchurch Salesforce user group M...
Anna Loughnan Top 10 Salesforce Apps for Christchurch Salesforce user group M...
 
Spring24-Release Overview - Wellingtion User Group-1.pdf
Spring24-Release Overview - Wellingtion User Group-1.pdfSpring24-Release Overview - Wellingtion User Group-1.pdf
Spring24-Release Overview - Wellingtion User Group-1.pdf
 
Winter24-Welly Release Overview - Stephen Stanley.pdf
Winter24-Welly Release Overview - Stephen Stanley.pdfWinter24-Welly Release Overview - Stephen Stanley.pdf
Winter24-Welly Release Overview - Stephen Stanley.pdf
 
Eva Sherwood Dreamforce Reflections
Eva Sherwood Dreamforce ReflectionsEva Sherwood Dreamforce Reflections
Eva Sherwood Dreamforce Reflections
 
SFWelly dreamforce wrap up September 2023
SFWelly dreamforce wrap up September 2023SFWelly dreamforce wrap up September 2023
SFWelly dreamforce wrap up September 2023
 
Let's Discuss Security with SFWelly
Let's Discuss Security with SFWellyLet's Discuss Security with SFWelly
Let's Discuss Security with SFWelly
 
SFWelly - Backups Presentation
SFWelly - Backups PresentationSFWelly - Backups Presentation
SFWelly - Backups Presentation
 
Summer23-Welly Release Highlights - Stephen Stanley.pdf
Summer23-Welly Release Highlights - Stephen Stanley.pdfSummer23-Welly Release Highlights - Stephen Stanley.pdf
Summer23-Welly Release Highlights - Stephen Stanley.pdf
 
Salesforce Wellington User Group - devops for admins by David Smith
Salesforce Wellington User Group - devops for admins by David SmithSalesforce Wellington User Group - devops for admins by David Smith
Salesforce Wellington User Group - devops for admins by David Smith
 
Emily McCowan - My CTA Journey - Wellington User Group
Emily McCowan - My CTA Journey - Wellington User GroupEmily McCowan - My CTA Journey - Wellington User Group
Emily McCowan - My CTA Journey - Wellington User Group
 
Anna Loughnan - The Power of the Community, CodeCamp Wellington April 2023
Anna Loughnan - The Power of the Community, CodeCamp Wellington April 2023Anna Loughnan - The Power of the Community, CodeCamp Wellington April 2023
Anna Loughnan - The Power of the Community, CodeCamp Wellington April 2023
 
DevOps Journey - BCITO Te Pukenga Presentation - Copado additions v2.pdf
DevOps Journey - BCITO Te Pukenga Presentation - Copado additions v2.pdfDevOps Journey - BCITO Te Pukenga Presentation - Copado additions v2.pdf
DevOps Journey - BCITO Te Pukenga Presentation - Copado additions v2.pdf
 
Stephen Stanley - Spring 23 highlights.pdf
Stephen Stanley - Spring 23 highlights.pdfStephen Stanley - Spring 23 highlights.pdf
Stephen Stanley - Spring 23 highlights.pdf
 
First Steps to Salesforce Release Management & DevOps [Salesforce User Group,...
First Steps to Salesforce Release Management & DevOps [Salesforce User Group,...First Steps to Salesforce Release Management & DevOps [Salesforce User Group,...
First Steps to Salesforce Release Management & DevOps [Salesforce User Group,...
 
Dreamforce review Wellington Salesforce User Group October 2022
Dreamforce review Wellington Salesforce User Group October 2022Dreamforce review Wellington Salesforce User Group October 2022
Dreamforce review Wellington Salesforce User Group October 2022
 
Ministry of Health / Health NZ Public Health response to Covid using Salesforce
Ministry of Health / Health NZ Public Health response to Covid using SalesforceMinistry of Health / Health NZ Public Health response to Covid using Salesforce
Ministry of Health / Health NZ Public Health response to Covid using Salesforce
 
Salesforce Wellington User Group - August 2022 - Salesforce integration witho...
Salesforce Wellington User Group - August 2022 - Salesforce integration witho...Salesforce Wellington User Group - August 2022 - Salesforce integration witho...
Salesforce Wellington User Group - August 2022 - Salesforce integration witho...
 
Wellington Salesforce User Group - Summer 22 Release
Wellington Salesforce User Group - Summer 22 ReleaseWellington Salesforce User Group - Summer 22 Release
Wellington Salesforce User Group - Summer 22 Release
 
March 2022 Salesforce Welly _ Chch meeting.pdf
March 2022 Salesforce Welly _ Chch meeting.pdfMarch 2022 Salesforce Welly _ Chch meeting.pdf
March 2022 Salesforce Welly _ Chch meeting.pdf
 

Último

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Orbitshub
 

Último (20)

Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by Anitaraj
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 

[Delivering Salesforce secure access to remote workforce

  • 1. Ensure Salesforce Secure Access for Your Remote Workforce Salesforce COVID-19 Global Response April 2020 SCPPE Team
  • 2. Forward-Looking Statement Statement under the Private Securities Litigation Reform Act of 1995: This presentation contains forward-looking statements about the company’s financial and operating results, which may include expected GAAP and non-GAAP financial and other operating and non-operating results, including revenue, net income, diluted earnings per share, operating cash flow growth, operating margin improvement, expected revenue growth, expected current remaining performance obligation growth, expected tax rates, the one-time accounting non-cash charge that was incurred in connection with the Salesforce.org combination; stock-based compensation expenses, amortization of purchased intangibles, shares outstanding, market growth and sustainability goals. The achievement or success of the matters covered by such forward-looking statements involves risks, uncertainties and assumptions. If any such risks or uncertainties materialize or if any of the assumptions prove incorrect, the company’s results could differ materially from the results expressed or implied by the forward-looking statements we make. The risks and uncertainties referred to above include -- but are not limited to -- risks associated with the effect of general economic and market conditions; the impact of geopolitical events; the impact of foreign currency exchange rate and interest rate fluctuations on our results; our business strategy and our plan to build our business, including our strategy to be the leading provider of enterprise cloud computing applications and platforms; the pace of change and innovation in enterprise cloud computing services; the seasonal nature of our sales cycles; the competitive nature of the market in which we participate; our international expansion strategy; the demands on our personnel and infrastructure resulting from significant growth in our customer base and operations, including as a result of acquisitions; our service performance and security, including the resources and costs required to avoid unanticipated downtime and prevent, detect and remediate potential security breaches; the expenses associated with new data centers and third-party infrastructure providers; additional data center capacity; real estate and office facilities space; our operating results and cash flows; new services and product features, including any efforts to expand our services beyond the CRM market; our strategy of acquiring or making investments in complementary businesses, joint ventures, services, technologies and intellectual property rights; the performance and fair value of our investments in complementary businesses through our strategic investment portfolio; our ability to realize the benefits from strategic partnerships, joint ventures and investments; the impact of future gains or losses from our strategic investment portfolio, including gains or losses from overall market conditions that may affect the publicly traded companies within the company's strategic investment portfolio; our ability to execute our business plans; our ability to successfully integrate acquired businesses and technologies, including delays related to the integration of Tableau due to regulatory review by the United Kingdom Competition and Markets Authority; our ability to continue to grow unearned revenue and remaining performance obligation; our ability to protect our intellectual property rights; our ability to develop our brands; our reliance on third-party hardware, software and platform providers; our dependency on the development and maintenance of the infrastructure of the Internet; the effect of evolving domestic and foreign government regulations, including those related to the provision of services on the Internet, those related to accessing the Internet, and those addressing data privacy, cross-border data transfers and import and export controls; the valuation of our deferred tax assets and the release of related valuation allowances; the potential availability of additional tax assets in the future; the impact of new accounting pronouncements and tax laws; uncertainties affecting our ability to estimate our tax rate; the impact of expensing stock options and other equity awards; the sufficiency of our capital resources; factors related to our outstanding debt, revolving credit facility, term loan and loan associated with 50 Fremont; compliance with our debt covenants and lease obligations; current and potential litigation involving us; and the impact of climate change. Further information on these and other factors that could affect the company’s financial results is included in the reports on Forms 10-K, 10-Q and 8-K and in other filings it makes with the Securities and Exchange Commission from time to time. These documents are available on the SEC Filings section of the Investor Information section of the company’s website at www.salesforce.com/investor. Salesforce.com, inc. assumes no obligation and does not intend to update these forward-looking statements, except as required by law.
  • 3. Healthcare and Life Sciences Go-To-Market Agenda 01 Introduction 02 Get to Know Secure Access Domains 03 04 Additional Features Q&A and Resources
  • 4. Healthcare and Life Sciences Go-To-Market Introduction
  • 5. The COVID-19 Company Workforce Challenge Extending Access Points Sharing Best Practices Secure and monitor access controls Overcome current objections We’re here to help Salesforce customers design and deploy remote workforce access.
  • 6. Business or Salesforce Administrators What admins find in their remote workforce assessment Small to medium number of Salesforce users Users accessing Salesforce from home Part-time or full-timeSalesforce Administrator Admins need to learn about security features to control access
  • 7. Healthcare and Life Sciences Go-To-Market Get to Know Secure Access Domains
  • 8. Secure Access Domains How to ensure secure access and report on activity 1 Access Users can access Salesforce securely from home. 2 Authentication 3 Device 4 Monitoring Only authorised users log in. Allows access from home (personal hardware), and is not compromised by virus, malware, or keyloggers. Assurance that you can report on user activity.
  • 9. Remote Location Access Checklist ACCESS Login IP Ranges (Profile) Login Hours (Profile) Ensure Single-Sign On (SSO) is accessible outside the office, using webSSO US Export Control Note: No access from Cuba, Iran, North Korea, Sudan, Syria or the region of Crimea
  • 10. 1. Specify a range of allowed IP addresses on a user’s profile to control access 2. Relax IP restriction and use other controls (such as 2FA) 3. Restrict IP range for integration 4. Create clear documentation IP Range Restriction ACCESS Resources: Knowledge Article Google search “What is my IP?” Go to Setup, Profile, “any profile”, and select Login IP Ranges
  • 11. 1. Specify the hours when users can log in, based on the user profile 2. Consider relaxing work hours due to the nature of work at this time 3. Document reasons for any changes Login Hours Restriction ACCESS Resources: Knowledge Article
  • 12. Allowing Authorised Users Identity Verification using a 6 digit pin vs SMS or email Non-web logins (Outlook plugin, 3rd party app, API) - Use a security token if outside Trusted IP Range (append to the end of the password) 2FA (Two-Factor Authentication) - Use another device to confirm login - Salesforce Authenticator or any standard 2FA apps provided by Google or Microsoft - Can be part of your login flow Login Flow - Prevents multiple logins AUTHENTICATION
  • 13. 1. Do not include remote IPs 2. Create clear documentation Trusted IP Ranges AUTHENTICATION Resources: Knowledge Article If a user tries to login from an IP address, device, or browser that Salesforce does not recognise, an activation code is required.
  • 14. 1. Verify desktop or API login from a non-trusted range 2. Required when outside trusted IP 3. Reset password if received unknown token reset email Security Token for API Login AUTHENTICATION Resources: Knowledge Article Password Best Practices: Strong computer generated code, 24 characters Append to the password, such as mypasswordXXXXXXXXXX
  • 15. 1. Require 2FA for every login 2. Use increased authentication (“high assurance”) in Session Settings to secure resources, such as a connected app or reports 3. Use Login Flows to build post-authentication requirements as the user logs in or custom 2FA (sms) Salesforce Authenticator mobile app for Android and iOS Go to Setup and select Session Settings Two-Factor Authentication AUTHENTICATION Resources: Knowledge Article How-to Video Best Practices: A “Must-Have” for all Salesforce Administrator Accounts
  • 16. 1. Collect and update user data ○ Emergency contact number, etc. 2. Implement Notice Board 3. Use stronger authentication ○ Prevents multiple logins ○ Detects and restricts suspicious IP addresses ○ Implements SMS, biometric, or other authentication techniques 4. Monitoring ○ Send a notification every time a user logs in outside working hours Login Flows AUTHENTICATION Resources: Knowledge Article Best Practices: Great for unique use cases Use Declarative before code Build post-authentication processes to match your business practices Notice Board
  • 17.
  • 18. Challenges: Allowing Access for Specific Devices HOME VS. PUBLICNETWORK VIRUSES, MALWARE, AND PHISHING DEVICES ● Viruses are the user’s responsibility, attachments can’t spread within Salesforce app ● Malware is the user’s responsibility and Salesforce CSIRT can detect ● Phishing - See Access (Identity Verification, 2FA, SSO) ● For home networks, update Operating System (OS) browser and AV software ● Avoid public access points (Internet Cafe, free WiFi) Best Practices: Keep browser and operating systems up-to-date Define the security contact on your help and training
  • 19. Login history ● Org or User level ● Last six months ● Post-login, reactive ● Knowledge Article Login flows ● Custom logic ● At login level, not applicable to specific business events ● Knowledge Article Event monitoring with Transaction Security (Add-on) ● Real-time detection and prevention of specific business events, such as data export and lead conversion ● Add-on license ● Knowledge Article Reporting on user logins MONITORING Org Level User Level Best Practices: ● Review login history weekly ● Look for failed logins ● Evaluate event monitoring add-on
  • 21. Single Sign-on (SSO) ● Lets users access multiple applications with one sign on ● Convenient for users and IT, but comes with the risk of having a single point of failure ● We recommend two-factor authentication (2FA) or multifactor authentication (MFA)
  • 22. Session-based Permission Sets ● Allows only functional access during a predefined session type ● Use case: ○ A web application that accesses confidential information ○ Use a session-based permission set with a token to limit user access for a predetermined length of time ○ When the token expires, users must reauthenticate to access the application again Resources: Knowledge Article
  • 23. Q&A
  • 24. Secure Access Core Resources Trailhead: Secure Your Users' Identity Help and Training: Restrict Where and When Users Can Log In to Salesforce Salesforce Developer Site: Salesforce Security Guide Videos: YouTube Salesforce Channel (for instance, search for 2FA)
  • 25. Introducing Salesforce Care Solutions NEW Rapid Response for Employee & Customer Support includes: myTrailhead, Employee Community, Customer Community, Agent Console, and Premier Success NEW Social Community Engagement Work From Home with Quip Tableau COVID-19 Data Hub Care Response Solution for Healthcare Systems* includes: Health Cloud, Salesforce Shield, Salesforce Communities, and myTrailhead NEW Philanthropy Cloud available in the US only for rallying employees around their communities through giving campaigns plus virtual or skills-based volunteering NEW Essentials free for 3 months up to 10 users, worldwide NEW Tableau Desktop free for 3 months up to 10 users, worldwide Salesforce Care Ecosystem: AppExchange Resource Center Includes Access to Customer Success Resources Employees & Customers Industries Small Business *Specifically for for emergency response teams, call centers, and care management teams at health systems affected by coronavirus
  • 26. TRAILBLAZER INNOVATION REGIONAL SUCCESS PRODUCT SUCCESS CUSTOMER SUCCESS HUB APAC (English) EMEA (English) Deutsch Español Français Português 日本 Join our family (Ohana) of Customer Success groups in the Trailblazer Community!! Official groups featuring Blaze are the best places for Trailblazers to connect, learn, get inspired and stay up to date on the latest customer success resources – all in your own language and region. Start Here success.salesforce.com > Featured Groups