Skip to main content
Content Starts Here
This is a publicly shared Knowledge Article from the Power of Us Hub - an online community for nonprofit and higher ed Salesforce users. Join the Hub .
Best Practices

Healthy Org: Data Security in Salesforce

Data Security in Salesforce

Strategies for controlling access to your Salesforce data using point-and-click security tools.

1. Learn

Trailhead: Protect your Salesforce Data

Free, guided learning paths from Salesforce.com. This trail walks you through modules and units that will help you learn the basics of data security.

Webinar: Data Security in Salesforce

Download the webinar slide deck and repurpose for your internal trainings or presentations to key stakeholders and end users.


trust.salesforce.com

Trust.salesforce.com is the Salesforce community's home for real-time information on system performance and security


Salesforce Shield

Salesforce Shield protects your institution with point-and-click tools that enhance trust, transparency, compliance, and governance across all of your business-critical apps. Shield is available at a deep discount to Salesforce.org customers. Contact your Account Executive for pricing.


HIPAA

If your organization manages individuals identifiable health information, you may need to follow standards set forth by the Health Insurance Portability and Accountability Act (HIPAA) to protect the privacy and security of protected health information where applicableReview this slide deck to learn about HIPAA, understand Salesforce's role as a Business Associate, and explore features of Salesforce and Salesforce Shield that can enhance your organization's security.


GDPR

The General Data Protection Regulation (GDPR) is a comprehensive European privacy law that takes effect on May 25, 2018. Salesforce is committed to compliance with the GDPR:

2. Review Your Security Settings

Assess your Org Security with the Salesforce Health Check Tool


Review Security Settings

Org Access

Object Access

Record Access

Field Access

3. Train your Users

Educate End Users About Security Best Practices

Teach users to not be fooled by phishing, and to not click links or open attachments in suspicious emails.

  • If you or any of your users are unsure about whether a Salesforce email is legitimate, forward the email to security@salesforce.com

Give each user a license and be sure users do not share passwords.

4. Monitor

Audit System Use

Auditing provides information about use of the system, which can be critical in diagnosing potential or real security issues.


Get Help

 

Join the next Salesforce.org Circle of Success

Circles of Success are small group, interactive clinics with other Salesforce.org customers.


Community


Log a Tech Support Ticket

If you get stuck, you can always log a tech support ticket. Every Salesforce.org customer has access to a Standard Success Plan which includes access to Standard Support.