How to be a Salesforce Admin – Part 3 – How to keep Salesforce secure

Learn how to manage a Salesforce system with our four part series focussed on how to be an awesome Salesforce admin. Whether you are considering a Salesforce admin career, starting out as a Salesforce admin or already working as a solo admin, we are sure this content series will add value to your knowledge. We teach this content as part of our Salesforce Admin Course and Consultancy Skill Course.

If you are working as a solo admin or a team of Salesforce admins you might have to manage the full task list yourself or distribute it amongst you. Ideally you want a structured plan of who is doing what and when throughout the year to ensure your Salesforce system is trusted, compliant, adopted and developed as needed. 

During the next four weeks we are going be looking at the following roles of a Salesforce admin with our partners – Gearset, Apsona, Slalom and Provar Testing. 

• Part 1 – How to manage a Salesforce System
• Part 2 – How to manage data quality in Salesforce
• Part 3 – How to keep Salesforce secure
• Part 4 – How to plan your Salesforce Roadmap

Part 3 – How to keep Salesforce Secure

This week listen to our podcast with Hetty Boardman-Weston, Head of Marketing and Operations and Salesforce Admin at Provar to find out what you can do to keep your system safe and secure.

Why is it important to keep a Salesforce system secure 

The Salesforce Admin team should work with the Company’s Operational team to align the system to security and data protection policies. It’s not a one man job but a team effort to keep data secure, but the Salesforce Admin team will be responsible for putting functionality in place to keep the system as safe as possible. If there isn’t a plan in place for keeping the Salesforce system secure then a Data Breach can occur.

A data breach is when people can access a system or see data they aren’t meant to. If this happened then it would have to be reported to the Data Protection Regulators. It’s important to test and ensure security access is set up and monitored as required. If there was a data breach, and it was evident that security policies within the system were not implemented correctly, the company could be subject to a financial penalty or damaged reputation. There is a level of responsibility here , but, if you are trained professionally as a Salesforce Administrator you will know the steps that you have to take, and these are summarised below:

How do you keep Salesforce secure

It’s firstly important to have a Security Policy for your system in place so you can understand what the security requirements are for your system. You would want to understand:

• Who is logging in, how are they logging in, and how frequently? What data should they have access too?
• What are the security requirements for different countries and regulations? 
• What types of data classification does your system holds. For example do you have highly sensitive fields and any that need to be encrypted. 
• How should someone be logging in – Should they be be using single-sign on and mydomain? 
• What are the password policies for the organisation and how should this be managed in the system?

Once you understand the security requirements you can then implement, manage and oversee the security of the system and security of the data.

Security Management 

Once the Security Requirements have been implemented you can use various native and third party apps to oversee and test the system. For example:

Security Health Check – As an admin, you can use Health Check to identify and fix potential vulnerabilities in your security settings, all from a single page. 
A summary score shows how your org measures against a security baseline, like the Salesforce Baseline Standard

Security Centre App – The Security Centre app offers a single view of your security, privacy, and governance posture across all of your Salesforce orgs and tenants. Use the app to review up-to-date health check scores, access settings, and user and login metrics in one easy-to-read interface.

Salesforce Shield – Salesforce Shield is a trio of security tools that helps admins and developers build extra levels of trust, compliance, and governance right into business-critical apps.  It includes Shield Platform Encryption, Event Monitoring, and Field Audit Trail

Making sure your Data is Secure 

Once you know all of the data requirements then you would implement technical requirements to manage data quality and security to ensure everything is secure. Some of the tasks you will need to implement are:

• Data Accessibility – Checking that data is only accessible to those that need to see it by using tools such as Provar for testing purposes.
• Data Quality – Checking how good Data Integrity is and whether it’s fit for purpose? Can you create dashboards and reports to visualise this? Do you need to install third party apps that can add data intelligence. See Part 2 if you missed it.. 
• Data Ownership – Creating a data management plan to assign owners to records in the system so people have a sense of ownership and responsibility for updating data on records which helps to keep data up to date. 
• Customer Consent – Checking that customer consent is captured when collecting customer information and that this information is being held against relevant data on the system.  
• Data Back Up – Making sure you have a back up of data in place in case data is deleted by accident or on purpose is equally important so you can restore it as needed. 

Training for Salesforce Admins – How to be an Awesome Admin

At Supermums we offer multiple courses to help you start or boost your Salesforce career. Check out how Salesforce Admin or Consultancy Skills Courses could help you on that next step of your journey:

Supermums is proud to be an approved training provider of Salesforce