5 Strategies for Preventing Privileged User Abuse in Salesforce

5 Strategies to Prevent Privileged User Abuse in Salesforce
Watch Replay
Download Slides

FairWarning Executive Series Webinar

5 Strategies to Prevent Privileged
User Abuse in Salesforce

Thursday, May 24th, 2018 | 2 p.m. ET / 11 a.m. PT

Salesforce power users hold the keys to your kingdom. They can make changes to whitelist IPs, permission sets and security controls, often going undetected under the veil of privileged access. Security-minded Salesforce admins understand that these power users can inadvertently or maliciously abuse their privileges to company resources and controls, putting your organization at extreme security risk. In fact, 80 percent of security breaches involve privileged user credentials, according to Forrester Research. So, who’s making sure the keys to your Salesforce kingdom are in the hands of the right power users? Strengthen your security posture with our strategies for preventing privileged user abuse and securing your Salesforce environment.

On this FairWarning webinar, you will learn how to:

  • Pull a consolidated view of user profiles and permissions in your Salesforce application

  • Monitor for escalation of privileges, changes in security controls, creation of new users, and manipulation of permission sets

  • Monitor who, what, where, and how users are accessing your Salesforce environment

  • Help comply with regulations and frameworks such as GDPR and ISO 27001

https://fast.wistia.com/embed/medias/njwj9ugm5s/swatch” style=”filter:blur(5px);height:100%;object-fit:contain;width:100%;” alt=”” onload=”this.parentNode.style.opacity=1;” />

About the Speakers

Mark Bowling

Mark Bowling

Chief Security Officer at United Capital

Mark Bowling is the principal and founder of an independent risk management consulting practice.  This practice performs strategic risk management consulting services for corporate and institutional clients, in the education, energy, finance, IT infrastructure, and government verticals. Prior to this position, Mark was a Federal Special Agent, serving for 20 years in the FBI. Mark served as both a Cyber Investigator and a Counter-Terrorism Agent.

Mike Mason

Sr. Product Marketing Manager
FairWarning

Mike Mason is the leader of go-to-market strategies for FairWarning for Cloud Security. As a subject matter expert in cloud solution security for over 10 years, Mike successfully develops strategic market initiatives, with his current focus on security in the Salesforce and cloud ecosystem.  Mike has an entrepreneurial background, having co-founded 2 startups, which were later acquired.

Information Security Analyst

LaDon Williams

Information Security Analyst at
FairWarning

LaDon Williams is currently the Information Systems Security Analyst at FairWarning. She has 10 years of experience in IT, with the last 7 of those years focusing on cybersecurity. She has served in public schools, non-profits, and government agencies, including HUD, NASA, and the U.S. Army. She currently focuses on vulnerability and risk management and mitigation through proactive threat hunting, incident response development, and compliance management.

DOWNLOAD THE SLIDES

REQUEST WHITE PAPER

Salesforce power users hold the keys to your kingdom. They can make changes to whitelist IPs, permission sets and security controls, often going undetected under the veil of privileged access. Security-minded Salesforce admins understand that these power users can inadvertently or maliciously abuse their privileges to company resources and controls, putting your organization at extreme security risk. In fact, 80 percent of security breaches involve privileged user credentials, according to Forrester Research. So, who’s making sure the keys to your Salesforce kingdom are in the hands of the right power users? Strengthen your security posture with our strategies for preventing privileged user abuse and securing your Salesforce environment.

5 Strategies to Prevent Privileged User Abuse in Salesforce

FairWarning Executive Series Webinar

 

Executive Summary

Privileged users in Salesforce may be people at a keyboard, or they may be applications and interfaces interacting with your instance. Either way, they have higher levels of permission than the standard user.

Privileged users hold the keys to your kingdom – including sensitive proprietary business and customer data. One misstep, either intentional or accidental, could devastate your organization. In fact, 80 percent of security breaches involve privileged user credentials, according to Forrester. But how do you know who they are — or keep track of what they’re doing within Salesforce?

In this webinar, Mark Bowling, Chief Security Officer of United Capital Financial Partners, and LaDon Williams, Information Security Analyst at FairWarning, discuss the issue of privileged users in your Salesforce instance and the risks they can pose to your organization.

They also reveal how they’re approaching the issue of privileged user abuse at their respective organizations, and best practices for managing Salesforce user access.

You’ll learn how to:

  • Identify your Salesforce privileged users and what they have access to.
  • Implement key security controls, policies, and procedures that improve your compliance posture and secure your data (and that of your customers), specifically with regards to GDPR and ISO 27001.
  • Provide the right permissions to the right users to minimize your attack surface.
  • Detect unusual behaviors, such as a larger-than-average export of data by a specific user, a login from a suspicious location, or access by an unauthorized application.
  • Develop an appropriate incident or breach response plan in the event that data is compromised within Salesforce, and perform forensic investigations in response to law enforcement, regulatory, or e-discovery requests.

“Minimizing your human attack surface is every bit as important as minimizing your technical attack surface.”
Mark Bowling, Chief Security Officer, United Capital Financial Partners

Bowling also discusses:

  • How United Capital created a culture of compliance and security to drive risk out of their organization and keep company and customer information safe.
  • What GDPR says about privileged access management, and which specific ISO 27001 controls United Capital has implemented to strengthen its compliance, security, and privacy posture.
  • How United Capital created an internal control framework to assess their risk mitigation efforts reduce the incidence of security incidents or breaches.
  • How United Capital determines whether unauthorized changes are being made or whether data is being accessed or handled improperly within Salesforce.

Related content:

Secure the Keys to Your Kingdom: Protect Your Organization’s Privileged User Accounts
5 Reasons Why Privileged User Abuse is a Top Security Concern in the Cloud
5 Ways to Prevent Privileged User Abuse in the Cloud

Webinar Speakers

Mark Bowling

Mark Bowling
Chief Security Officer
United Capital

Mike Mason
Sr. Product Marketing Manager
FairWarning

Information Security Analyst

LaDon Williams
Information Security Analyst
FairWarning

2018-05-28T15:45:10+00:00