Around 170,000 attendees swarmed San Francisco from over 83 countries to attend the 2018 Salesforce Dreamforce Conference – the most vibrant, busiest, and wildly innovative conference in the world of SaaS. This year, there were many privacy, compliance, and security takeaways from Dreamforce 2018 – as high-profile stories such as the Facebook data privacy scandal have spurred new regulations and awareness about the way we handle, store, and transmit data in the cloud.
Throughout the week, Salesforce made several powerful announcements to customers, partners, and attendees. Perhaps the most headline-grabbing was the newest partnership between Apple and Salesforce, which brings together the Salesforce CRM platform and the Apple iOS platform to create new mobile apps for businesses. And Amazon Web Services announced its strategic alliance with Salesforce, highlighting product integrations that aim to help organizations secure, share, and synchronize data across AWS and Salesforce services.
There were five common privacy and security themes that seemed to echo through the halls of the Moscone Center that revolved around the value of trust. For those who were able to attend the conference, here’s a handy summary (and for those who couldn’t make it, the high points of what you missed).
1. Trust Should Be Your No. 1 Business Value
Over the past year, the world of business and specifically technology has dramatically changed due to data breaches and privacy scandals such as those at Facebook, Google, and Twitter – each of which have been called to testify to U.S. Congress regarding Russian meddling in the 2016 Presidential election.
“If trust is not your highest value — and you see it in our technology industry right now — your employees and executives are going to walk out,” Benioff told CNBC’s Jim Cramer on “Power Lunch” on September 25th, 2018. “You’d better decide now that trust is your highest value, because in this new world when everything is changing, people want to know they can trust you.”
Moving forward, businesses and tech companies will need to build trusted relationship with their customers. This means championing the values of transparency and accountability as they relate to customer success, privacy, and security.
2. The Customer Should Be at the Center of Your Business Model
The world of cloud-based technology is faced-paced and competitive. If you aren’t providing value to help your customers further their business and reach their goals, then you will likely be replaced.
“The world is changing; everything is going digital. How do we make sure we are constantly meeting the demands of our customers in the marketplace?” said Brian Millham, Customer Success Group (CSG) Chief, at Dreamforce 2018. “It’s something we enjoy; it’s something we look at every single day, as we skill and scale our organization. Our challenge is keeping up with the demand of very innovative customers in the market today.”
Businesses may need to re-evaluate the true value they bring to their customers – but how does one accomplish this in a highly complex technological ecosystem? It starts by listening to your customers, to their problems, and to their vision for your organization. Using these insights, you can ensure that you are fulfilling the value they expect from you and align with their vision for a long-term partnership built on trust.
3. GDPR and other Regulations are Pushing Privacy First
Regulations like the European Union’s (EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act are driving organizations to bring privacy to the forefront of their IT/security backlog. These regulations grant specific rights to citizens who entrust companies with their data, and specific responsibilities to businesses that hold sensitive data. GDPR itself imposes hefty fines on noncompliant organizations — up to £20 million ($26 million) or 4 percent of global annual turnover, whether the company operates within the EU or not.
As a result, businesses are rethinking the way they collect, store, and transmit customer data. Throughout Dreamforce 2018, it was clear that companies are rethinking their tech stacks and adding tools and technology that can help keep data secure to meet compliance. For example, According to GDPR Article 33, you must be able to detect and report a data breach to the relevant supervisory authority within 72 hours of the occurrence.
This means organizations will need to employ forensic investigations to quickly identify the source of a breach or security incident – especially considering that it takes a mean time of 197 days to detect a breach and 69 days to contain it. Think of GDPR not as a hinderance, but as an opportunity to build trust. Creating a foundation of privacy and security in your organization will give you the opportunity to build upon GDPR compliance in your organization.
4. Everything is Moving to the Cloud, and People Need Insights
Cloud-based spending is expected to reach $160 billion in 2018, a 20 percent increase over 2017. More and more people are moving their infrastructure to the cloud to streamline workflows, save storage costs, and reduce tech stacks.
In fact, today’s businesses often leverage cloud computing and applications as a central point of business, handling workflows involving customer and prospect data, HR, accounting, IT, sales, and more. The associated data is the most valuable and business-critical asset for any organization.
But one problem that was repeated throughout Dreamforce 2018 is that organizations need insights into what’s going on in their cloud applications. Who is accessing what data? What reports are being run? Are my applications performing the best they can? Am I maintaining my compliance posture?
“We had an experience where a system administrator was supposed to elevate an engineer’s permissions to an administrative role in a sandbox, but they actually did it in production,” said United Capital’s Senior Vice President of Technology, Brandon Gage, on a webinar. “We found it, flagged it, and were able to undo that immediately and give the person the permissions that they needed.”
With the help of cloud-based applications, organizations can gain insights into their cloud applications to ensure the maintain compliance and keep their organization secure.
5. Organizations Need to Simplify Those Compliance and Security Insights — Yesterday
Organizations are more focused than ever on creating value for their customers, which means their time and resources are stretched too thin. Standard security, and compliance initiatives are manual and time-consuming. By using platforms that can offer quick, simplified insights into the information they need to run and secure their business, organizations can gain time back in their day to focus on training, serving customers, and improving operations. Partnering with vendors that can provide instant information and insights into your customers or business will give you the ability to focus on your strategic, revenue-producing business functions.
In one particular Dreamforce 2018 session featuring Mark Bowling, Consulting ISO for United Capital, Bowling explained how he saved vast amounts of time complying with ISO 27001 using Salesforce Shield Event Monitoring with FairWarning. Rather than pouring over complex audit logs, Mark can instant insights into his Salesforce instance and quickly investigate, remediate, and mitigate from one platform.
“We are doing two things: We are making United Capital more resilient to external harm, and we are giving United Capital the ability to establish fact,” said Mark Bowling, Consulting iSO at United Capital.
In the same session, Amanda Grady, Salesforce Senior Product Manager for Event Monitoring, explained how her customers save time and reduce hefty storage costs with FairWarning.
“When my customers work with FairWarning, they are really able to unlock the value of Event Monitoring,” said Grady. “They are able to store the data indefinitely for compliance, and my customers love the per-user view they have built.”
For those lucky enough to attend Dreamforce 2018, the event offered a flurry of activity and mind-probing ideas from the most innovative companies and individuals in the world of SaaS. It’s clear that, as we move forward with rapidly developing and adopting new technologies, the user and the human should be the central point of all consideration. Together, we can listen to one another to save time, and solve problems that would be otherwise time-consuming or impossible without these innovations and trust-based connection.