Data Security in Salesforce
Strategies for controlling access to your Salesforce data using point-and-click security tools.
Trailhead: Protect your Salesforce DataFree, guided learning paths from Salesforce.com. This trail walks you through modules and units that will help you learn the basics of data security.
- Trailhead: Protect your Data Security Trail
Webinar: Data Security in Salesforce
Download the webinar slide deck and repurpose for your internal trainings or presentations to key stakeholders and end users.
Trust.salesforce.com is the Salesforce community's home for real-time information on system performance and security
Salesforce Shield protects your institution with point-and-click tools that enhance trust, transparency, compliance, and governance across all of your business-critical apps. Shield is available at a deep discount to Salesforce.org customers. Contact your Account Executive for pricing.
If your organization manages individuals identifiable health information, you may need to follow standards set forth by the Health Insurance Portability and Accountability Act (HIPAA) to protect the privacy and security of protected health information where applicable. Review this slide deck to learn about HIPAA, understand Salesforce's role as a Business Associate, and explore features of Salesforce and Salesforce Shield that can enhance your organization's security.
- Salesforce and the HIPAA Security Rule Slide Deck
- Salesforce and the HIPAA Security Rule webinar recording (coming soon)
The General Data Protection Regulation (GDPR) is a comprehensive European privacy law that takes effect on May 25, 2018. Salesforce is committed to compliance with the GDPR:
- GDPR Resources Site from Salesforce
- Trailhead: European Union Privacy Law Basics
- GDPR Data Processing Addendum
FERPAFERPA requires that federally funded institutions, under programs administered by the U.S. Department of Education, comply with certain procedures with regard to disclosing and maintaining educational records. FERPA was not enacted to preclude the disclosure of educational records simply because the records identify a student by name; rather, it was designed to protect the student’s educational information and status as a student.
- Understanding the role of Salesforce in the context of the Family Educational Rights and Privacy Act (FERPA)
2. Review Your Security Settings
Assess your Org Security with the Salesforce Health Check Tool
Review Security Settings
- View and Manage Users
- Set Password Policies
- Restrict When and Where Users Can Login to Salsforce
- Two-Factor Authentication
3. Train your Users
Educate End Users About Security Best Practices
Teach users to not be fooled by phishing, and to not click links or open attachments in suspicious emails.
- If you or any of your users are unsure about whether a Salesforce email is legitimate, forward the email to email@example.com
Give each user a license and be sure users do not share passwords.
Audit System Use
Auditing provides information about use of the system, which can be critical in diagnosing potential or real security issues.
Join the next Salesforce.org Circle of Success
Circles of Success are small group, interactive clinics with other Salesforce.org customers.
- Register for Become a Data Management Rockstar
- Data Security Group in the Power of Us Hub
- Data Quality Group in the Power of Us Hub
- Hub Community Office Hours
Log a Tech Support Ticket
If you get stuck, you can always log a tech support ticket. Every Salesforce.org customer has access to a Standard Success Plan which includes access to Standard Support.