Security "Bits"

Ahead of Dreamforce, things to know about Salesforce security

By Salim Hafid | September 28, 2016 at 1:49 PM


The annual Dreamforce extravaganza is set to descend upon San Francisco in less than a week. With so many vendors in attendance, several keynotes, and hundreds of sessions, it can be difficult to know what is worth your attention.

Salesforce security is still top of mind for many IT leaders and is once again a focus of this year's conference. With sessions on Salesforce1, leveraging SSO, regulatory compliance, and more, there's no shortage of opportunities to better understand what tools you need to secure your Salesforce environment.

Mobile – a critical component of any organization's security strategy, protecting data on smartphones and tablets has become a challenge. With growing demand for BYOD and continued pushback against invasive device management agents, IT leaders are clamoring for a solution that protects corporate data without profiles or certs. At Dreamforce, expect sessions to explore the benefits of a mobile workforce and the importance of secure access. What you may not hear, but should be aware of, is how a Cloud Access Security Broker can help control access on unmanaged devices without invasive agents. 

Single sign-on – the use of an identity management solution has long been encouraged, even by cloud app vendors themselves. Salesforce is one such vendor that understands the importance of SSO and the security benefits of a dedicated identity provider. Because integrated identity solutions work seamlessly across Salesforce, Office 365, and others, you can easily choose one SSO provider to authenticate users across your organization. SSO can also be useful in identifying suspicious logins across applications.

Compliance – in heavily regulated industries like healthcare, HIPAA compliance and other government mandates are of great concern in enterprises migrating to the cloud. Productivity improvements, cost reduction, and ease of management that come with adopting Salesforce are such that the move is inevitable. The question remains, how can regulated orgs adopt cloud securely? A CASB is perfectly suited to enabling compliant cloud usage. Detailed audit and logging, proper access controls, and real-time protection are capabilities organizations should look for in a cloud security solution.

Encryption – for organizations in the financial services sector, encryption is vital piece of the puzzle simply because they need that additional layer of security when they move client data from a premises-based app to Salesforce. Several sessions at Dreamforce will touch on encryption of data-at-rest, but be aware - full-strength encryption and separation of systems without breaking app functionality is a tall order, and one that requires a tried and tested solution like Bitglass.

Learn more about our Salesforce capabilities with a 15 minute live demo.

15 minute live demo



see all