Security Updates in Summer ’17 Release


Calling all Salesforce Admins! Let’s take a minute to get real about security. As a Salesforce Admin, security is an essential part of your job, just like it is for us — in fact, security is our number 1 priority at Salesforce. Now that the Summer ’17 release is here, there are even more ways for Admins to become Security Ambassadors for their organizations! Let’s dig into some of our security updates in Summer ’17 that will help you stand out as a security-minded Admin.

Embedded logins for customers & more

We talked about the enhanced security value of Lightning Login in Spring ’17. Now with our new Embedded Login feature, Salesforce authentication extends to your websites, making it possible for Admins to require customers to log in to access web pages. To enable this, your web developers can easily add login capabilities to the website with just a few lines of HTML. Bonus: this feature works for communities created with either our Communities or Salesforce Identity products!

Are your users tired of getting logged out due to expired sessions? They’ll be happy to know that starting with Summer ’17, users can now enable browser notifications so that when their session is about to expire, a browser notification pops up in the foreground! Wait, there’s more…

In addition, you now have the option to require identity verification for 2FA and email address changes. We’ve also added Single Logout (SLO) as a beta feature, enabling you to export profile definitions to reduce compliance burden, as well as the ability to track blocked apps more easily by enabling the API whitelisting feature.

Updates to Security Health Check

We’ve talked about how Security Health Check can make you a security champion for your company and allows you to keep tabs on your org’s security settings even as business needs change. Health Check does this by measuring your security settings against our suggested baseline standards. The Health Check page now has four risk categories and new names for risk statuses, so it’s even easier to use.

In addition to those updates, we’ve introduced a cool new feature that allows you to manage the unique needs of your company by importing custom baseline standards to Health Check. Admins have the ability to customize their own security baseline to compare your org’s security settings with your individual industry standards. This change applies to both Lightning Experience and Salesforce Classic, so have at it Admins!

Can’t wait to become a security rockstar? Check out some additional security content for Admins below.

More resources

Introducing Salesforce Backup.

Introducing Salesforce Backup: Your Data’s Safety Net

What is Salesforce Backup? On August 15, Salesforce announced the general availability of Salesforce Backup, a native backup and restore solution designed to safeguard customers’ valuable data. Built with ease of use in mind, Salesforce Backup automatically creates backup copies of business data, empowering any organization to restore data and recover from even the worst-case […]

Cloudy with a laptop standing next to text that says, "Security + AI Basics for Salesforce Admins."

Security + AI Basics for Salesforce Admins

Artificial intelligence (AI) is everywhere right now and everyone is talking about it. From having fun with generative imaging to staring in wonder at driverless cars, it seems that AI is popping up all over the place. Salesforce has made a ton of AI announcements with Sales GPT, Service GPT, Slack GPT, and beyond. As […]

Astro holding a security sign next to text that says, "Freemium and Premium Salesforce Security Tools."

Salesforce Security: Enhanced Visibility with Freemium and Premium Tools

Salesforce Admins have access to a variety of tools that provide visibility into the security of their Salesforce orgs. At Salesforce, we believe in a holistic approach to security that addresses both low-hanging fruit (like easy-to-fix settings) as well as more complex needs. To help admins with this, Salesforce offers native dashboards and reporting tools […]