Over the next few weeks, FairWarning will roll out a 4-part blog-post series outlining the ways your organization can leverage FairWarning to maximize the value of Salesforce data. The posts will outline some of the main security risks that accompany the growing prominence of Salesforce in modern businesses and why cloud application security matters. Future posts will touch upon usage and adoption, information security, compliance, and performance issues when utilizing Salesforce.
Since its initial introduction, the Salesforce application has evolved considerably. What started as an application for cloud-based customer relationship management has gradually become a comprehensive information-storage system, tightly integrated with almost all the critical functions of modern business. The number of organizations adopting Salesforce grows each day, but such growth brings emergent risks that will need to be actively managed through cloud application security if data integrity is to be maintained.
In the following, we offer an overview of Salesforce, the risks and threats that leading organizations are concerned about, and how they are attempting to secure their most valuable information in the face of them.
Salesforce: A Business-Critical Cloud Application
For many businesses that utilize Salesforce®, it would be difficult to maintain normal business operations without the application’s cloud storage facility. This is due to Salesforce’s dramatic growth within enterprises. The information stored in Salesforce has expanded precipitously, and now includes:
Highly proprietary, valuable customer and prospect information accumulated through years of relationship building as well as automated gathering processes;
Detailed information regarding employees and the organization;
Ordering systems that use price books, products, and contracts;
Financial information that feeds into corporate accounting systems which in turn generate GAAP audited financials.
Salesforce Holds the “Crown Jewels” of the Enterprise
What exactly does this information look like? It includes credit card numbers, banking account details, protected health information, and personally identifiable information of all kinds – all such data is now held in the Salesforce application. This information about customers and prospects is essential to an organization’s trust between customers and its advantage in the marketplace. Clearly, Salesforce now holds information considered to be the “crown jewels” of the enterprise.
Now more than ever, organizational data is at risk to departing employees looking to gain a personal advantage in the marketplace. According to the IBM X-Force Cybersecurity Report, 60% of all cybersecurity attacks are caused by employees inside an organization. These employees are most commonly referred to as “insider threats.” The cloud can give users access anywhere at any time, so cloud application security is absolutely crucial to prevent data theft.
In a study of 150 data theft cases, the recover report found that:
60% stole proprietary information in order to secure a new position with a company competitive to the data owner;
In 30% of the cases, the internal perpetrator’s motivation was to use the stolen information for the creation of new business.
Legal and Compliance Considerations
Businesses are increasingly prepared to bring suit against those who commit data theft. The identity theft resource report, www.edtheftcenter.org, cites numerous examples of businesses which have brought lawsuits against former employees who have been accused of stealing confidential customer information. Furthermore, there have never been more stringent regulations directed toward data compliance and the enforcement of privacy and security standards across the globe than now (i.e. FFIEC, FINRA, HIPAA, FCA, GDPR, and more).
Salesforce Event Monitoring: Going Beyond Cloud Application Security
To avoid these headaches and threats to business, organizations must implement a user activity monitoring and behavioral analytics program as part of their cloud application security procedures to protect sensitive and business-critical data. Reliable and legally sound user activity monitoring is not possible without audit logs.
Salesforce administrators know all too well that audit logs have historically been made available only through Salesforce Customer Service at considerable cost in both time and money.
To address this limitation, Salesforce has developed and released Event Monitoring under Salesforce Shield. Salesforce event monitoring files (audit log files) are automatically accessible through APIS and enable important aspects of data protection, including:
Continuous monitoring with alerts and filtering;
Flexible multi-criteria reporting and filtering;
Audit log storage, encryption, and archives;
However, Salesforce event monitoring files are clear text and are not human-readable without programmatic or manual manipulation.
FairWarning® for Salesforce
FairWarning® for Salesforce leverages these event monitoring files to boost cloud application security and provide data protection and governance through user activity monitoring. By automatically turning your event monitoring files into human-readable text, FairWarning® enables business users to easily interpret and gain insights from event log data. FairWarning® for Salesforce continuously monitors for unusual access, proactively alerts you of potential incidents, enables rapid investigations of user activity, and tests for satisfied regulatory requirements.
In the next blog posts, you will learn the Business Case Elements for FairWarning® for Salesforce, which include:
Usage and Adoption – unnecessary licenses;
Information Security – time spent monitoring and in forensic investigations;
Compliance – time spent on governance, audits, and annual reporting;
Performance – how to increase performance.