
Be a Security-Minded Admin


Understanding the basics of security is critically important to being an #AwesomeAdmin. As a steward of valuable data, you have the opportunity to be an important asset to your company by managing it with security in mind. Increasing your own cybersecurity knowledge allows you to play a role in not only safeguarding your company’s data but also helping your company meet security compliance requirements like the GDPR and CCPA. As an admin, you should work closely with IT to understand and maintain your company’s security standards.

The security-minded admin understands that security is “never done.” A security-minded Salesforce Admin knows that locking down user access with Multi-Factor Authentication (MFA) is the best way to safeguard their data from unauthorized account access. These admins also know what to do in the event of suspicious activity in their Salesforce implementation: they know the internal procedure for escalating suspicious activity, emails, and the like, and they understand that it can also be escalated to security@salesforce.com.

Being a security-minded admin is not as hard as it may seem. It means understanding the key principles of security and being able to apply them to your Salesforce implementation.

Know the basics of org security

1. Set up Multi-Factor Authentication (MFA) to protect access to your org.

MFA, also known as two-factor authentication, is the most effective way to protect your users’ accounts from common security threats like phishing, account takeover, and credential stuffing. As a security-minded admin, you can amplify your org’s security by requiring a second level of authentication for every user login. You can also require MFA when a user meets certain criteria, such as attempting to view reports or access a connected app. MFA verifies that a user is who they say they are, before they gain access to your Salesforce data.

2. Set login IP ranges and trusted IP ranges to protect where users can access your org.

Admins can control login access at the profile level by specifying a range of allowed IP addresses. If a user from an unidentified IP tries to log in, they will be denied. To control access at the org level, set trusted IP ranges. Unknown users logging in from non-trusted IPs are challenged to verify their identity — this is also commonly known as IP “whitelisting.” These restrictions help protect your Salesforce data from unauthorized access and phishing attacks.
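One way to review the profile-level ranges described above is to audit the Profile metadata files retrieved from the org. This is an added example, not Salesforce's own tooling: it assumes the Metadata API `Profile` format with `loginIpRanges`, `startAddress` and `endAddress` elements, the sample profile is constructed, and the "wider than a /16" review threshold is an assumption to adjust to your own standard.

```python
import ipaddress
import xml.etree.ElementTree as ET

NS = {"sf": "http://soap.sforce.com/2006/04/metadata"}
MAX_ADDRESSES = 65536  # assumed review threshold: flag anything wider than a /16

# Constructed sample: one office range plus a forgotten "allow everything" range.
SAMPLE_PROFILE = """<Profile xmlns="http://soap.sforce.com/2006/04/metadata">
    <loginIpRanges>
        <description>HQ office (constructed)</description>
        <endAddress>203.0.113.255</endAddress>
        <startAddress>203.0.113.0</startAddress>
    </loginIpRanges>
    <loginIpRanges>
        <description>Temporary open range (constructed)</description>
        <endAddress>255.255.255.255</endAddress>
        <startAddress>0.0.0.0</startAddress>
    </loginIpRanges>
</Profile>"""

def login_ranges(profile_xml):
    """Return the profile's login IP ranges as (start, end) address pairs."""
    root = ET.fromstring(profile_xml)
    ranges = []
    for node in root.findall("sf:loginIpRanges", NS):
        start = ipaddress.ip_address(node.findtext("sf:startAddress", namespaces=NS))
        end = ipaddress.ip_address(node.findtext("sf:endAddress", namespaces=NS))
        ranges.append((start, end))
    return ranges

def audit_profile(profile_xml):
    """List findings: no restriction at all, or ranges too wide to be meaningful."""
    ranges = login_ranges(profile_xml)
    if not ranges:
        return ["no login IP ranges: logins allowed from any address"]
    findings = []
    for start, end in ranges:
        size = int(end) - int(start) + 1
        if size > MAX_ADDRESSES:
            findings.append(f"{start}-{end} spans {size} addresses")
    return findings

def is_login_allowed(profile_xml, ip):
    """Profile-level decision: with ranges set, an address outside all of them is denied."""
    addr = ipaddress.ip_address(ip)
    ranges = login_ranges(profile_xml)
    return not ranges or any(
        s.version == addr.version and s <= addr <= e for s, e in ranges)
```

In the sample, the open range makes the office restriction meaningless: `is_login_allowed(SAMPLE_PROFILE, "198.51.100.7")` is true even though that address is nowhere near the office range, which is exactly what `audit_profile` flags.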

3. Use permission sets to increase security inside your org.

Following the Principle of Least Privilege, give users the lowest level of user rights (access to read/write data) that they need to do their job. Salesforce helps you implement this with permission set groups so that you can easily customize the access given to users.

For additional security, you can activate session-based permission sets. This allows the user to have certain permissions only during a predefined session type (for example, when a user authenticates into your environment).

4. Run Salesforce Health Check after every release.

Measure the security health of your org with Health Check. Admins can even create custom baselines to align security settings with the unique needs of the business. Be sure to run Health Check after every release to ensure your security score hasn’t changed.

5. Stay up-to-date on security.

Find the most up-to-date security resources and information on Salesforce’s security site.

Find more admin-related security resources available to you

Check out our resource page: admin.salesforce.com/security
