FairWarning Executive Series Webinar
Salesforce power users hold the keys to your kingdom. They can make changes to whitelist IPs, permission sets and security controls, often going undetected under the veil of privileged access. Security-minded Salesforce admins understand that these power users can inadvertently or maliciously abuse their privileges to company resources and controls, putting your organization at extreme security risk. In fact, 80 percent of security breaches involve privileged user credentials, according to Forrester Research. So, who’s making sure the keys to your Salesforce kingdom are in the hands of the right power users? Strengthen your security posture with our strategies for preventing privileged user abuse in Salesforce and securing your org.
Privileged users in Salesforce may be people at a keyboard, or they may be applications and interfaces interacting with your instance. Either way, they have higher levels of permission than the standard user.
Privileged users hold the keys to your kingdom – including sensitive proprietary business and customer data. One misstep, either intentional or accidental, could devastate your organization. In fact, 80 percent of security breaches involve privileged user credentials, according to Forrester. But how do you know who they are — or keep track of what they’re doing within Salesforce?
In this webinar, Mark Bowling, Chief Security Officer of United Capital Financial Partners, and LaDon Williams, Information Security Analyst at FairWarning, discuss the issue of privileged users in your Salesforce instance and the risks they can pose to your organization.
They also reveal how they’re approaching the issue of privileged user abuse in Salesforce at their respective organizations, and best practices for managing Salesforce user access.
You’ll learn how to:
- Identify your Salesforce privileged users and what they have access to.
- Implement key security controls, policies, and procedures that improve your compliance posture and secure your data (and that of your customers), specifically with regards to GDPR and ISO 27001.
- Provide the right permissions to the right users to minimize your attack surface.
- Detect unusual behaviors, such as a larger-than-average export of data by a specific user, a login from a suspicious location, or access by an unauthorized application.
- Develop an appropriate incident or breach response plan in the event that data is compromised within Salesforce, and perform forensic investigations in response to law enforcement, regulatory, or e-discovery requests.
“Minimizing your human attack surface is every bit as important as minimizing your technical attack surface.”
Bowling also discusses:
- How United Capital created a culture of compliance and security to drive risk out of their organization and keep company and customer information safe.
- What GDPR says about privileged access, and which specific ISO 27001 controls United Capital has implemented to strengthen its compliance, security, and privacy posture.
- How United Capital created an internal control framework to assess their risk mitigation efforts reduce the incidence of security incidents or breaches.
- How United Capital determines whether unauthorized changes are being made or whether data is being accessed or handled improperly within Salesforce.
Watch the replay to learn more about how these security professionals are detecting, investigating, mitigating, and remediating privileged user abuse in Salesforce.
Secure the Keys to Your Kingdom: Protect Your Organization’s Privileged User Accounts
5 Reasons Why Privileged User Abuse is a Top Security Concern in the Cloud
5 Ways to Prevent Privileged User Abuse in the Cloud
Chief Security Officer
Sr. Product Marketing Manager
Information Security Analyst