Welcome to part 2 of the FairWarning® for Salesforce business blog post series: Information Security. In this post, we will be discussing how to secure your sensitive information within Salesforce and why data protection and security are so important for the cloud. We’ll walk you through examples of what activity you can monitor for inside your Salesforce application i.e. export activity and login activity. We’ll also show you how you can maximize ROI on your Salesforce investment while keeping data from going out the door to a competitor.
Consider the following thought experiment: if you were a king, and you were responsible for the wealth and security of your kingdom, would you leave your “crown jewels” vulnerable outside the castle walls? If you care at all for the well-being of your domain, and are not grossly negligent, the answer is likely to be a resounding “no.”
The situation is basically the same for contemporary businesses. When it comes to your organization’s most sensitive data, you should know “who” is accessing “what” inside your critical applications to keep valuable company data inside the organization.
Employees within your business pose the greatest risk to your most valuable data. These employees are known as “insider threats.” According to a Ponemon report, insider threats cost organizations $4.3 million dollars a year on average. In fact, 60% of all cybersecurity attacks are caused by employees inside an organization, with 44.5% being malicious insiders and 15.5% being inadvertent actors. Using FairWarning for Salesforce, you can gain insight into your employee’s behavior inside your applications:
User Activity Monitoring: Exporting Activity
Whether it’s a departing employee looking to take your data to a competitor, or a careless employee frivolously exporting sensitive customer information, organizations are utilizing FairWarning® for Salesforce to monitor exporting activity within their Salesforce application. FairWarning® customers can not only gain insight into who is exporting their data, but also who is running, viewing, and exporting reports.
As an example, consider the following hypothetical scenario: Keith, a long-time sales executive at your organization, has resigned. He says there’s no malice, it’s just time for him to move on. Looking back into his exporting activity using FairWarning® for Salesforce, it seems Keith began exporting large amounts of customer information around 3 months prior to his resignation. Before Keith can take this information to a competitor, you’re able to address the situation and establish data protection and security without taking legal action.
User Activity Monitoring: Login Activity
Valuable security insights can be gained through login activity. Whether employees are having trouble logging into the Salesforce application or there’s an abnormal login from an unknown location. Issues can be confronted before real trouble arises.
Again, an example can help clarify the stakes. Imagine that your company is based out of San Francisco, California. Your team travels the globe, but mostly in the continental United States and the U.K. It appears someone is trying to login from Stockholm, Sweden. No one in your organization is in Sweden to your knowledge, and this seems suspicious. So, you shut down the login and thwart a potential threat while you investigate the unusual activity. It turns out that Sarah, Director of Client Relations, was traveling in the U.K. when someone stole her laptop at the airport. Since she was boarding a flight and only using her mobile phone, she was unaware that her laptop was not in tow. She only realized what had happened when your team contacted her regarding suspicious activity on her Salesforce account. Lucky for her, the activity was shut down immediately upon detection.
Read a true story about login activity and its implications for your business as a potential threat here.
A Look Into the Future: User Behavioral Analytics
“To predict future behavior, look to past behavior” is a useful maxim in almost all areas of life, but it is especially pertinent for internal monitoring. Abnormal activity within your Salesforce® application can provide invaluable insights into an employee’s probable behavior.
Example: Tim, Account Manager, accesses around 100 accounts per day in his usual work activity. All of a sudden, he starts accessing over 300 accounts per day. Digging into analytics, you can see what drove this behavior. Was it business? Or does it seem like suspicious activity? Behavioral analytics allows you to observe and make an appropriate judgment, nipping potential cases of stolen data in the bud. Drawing valuable insights from Tim’s past behavior, you conclude that Tim was working after hours, and he increased his prospecting performance. You’re able to identify the activity as business related and save valuable time that a manual investigation would have required.
Cost to Your Organization
The cost of forensic investigations and data breaches to your organization may be far higher than you would expect. Calculate the cost of your investigations per month using a chart like the one below:
Rapid Regulatory Reporting for Cloud Compliance
In 2017, we exist in an era of almost overwhelming cybersecurity threats. Therefore, data protection and security are more important than ever before. Just this year alone we have witnessed multiple widescale ransomware attacks i.e. Petya, WannaCry, and Cloudbleed. These threats to sensitive information are not going unnoticed, and usually involve an insider threat. Increased regulatory bodies are sprouting at a record pace in countries and territories around the globe to ensure that organizations are securing the sensitive information of their citizens. Organizations are capturing the power of cloud technologies such as Salesforce Event Monitoring with FairWarning® for Salesforce to take control of their data and bolster security measures to comply with these government regulations.
Part 3 of this series will explore Performance