Hone Your Security Management Skills as a Salesforce Admin

As Salesforce Admins, we work with important data and have a powerful platform at our fingertips. But as the saying goes, with great power comes great responsibility. You, as an admin, must promote a culture of positive security controls, protect your organization’s data from unauthorized access, and be security responsible.

You play a crucial role in the day-to-day maintenance of your Salesforce org, rolling out improvements and ensuring all user and customer data is protected. There are many aspects of data security that admins can monitor, including who can see what, who has permission to export data, and who can run org health checks and implement login security controls.

Having been an admin for multiple orgs, I’ve come to understand the importance of security management. One of my more memorable challenges was being tasked with setting up a user security architecture that shared all the same core platform, but utilized that data differently for separate department user groups. Now, I’m sharing what I’ve learned to help you hone your security management skills.

Let’s explore how to be data responsible and a security-minded admin within your Salesforce org.

What is security management?

Managing security within Salesforce is about giving users access to the data they need while protecting your organization from unauthorized access. Salesforce provides multiple features to implement security controls to meet your organization’s requirements.

Here are four key ways that admins can manage security within their org:

1. Control who can see what.
   User permissions within Salesforce specify which tasks users can perform and which features users can access. They are the first and most effective way to control who sees what—and when. Best practice is to start with a Private organization-wide default (OWD) setting and then open up visibility using Sharing Rules, Role Hierarchy, Sales and Account Teams, Manual Sharing, and Apex Sharing. Check out this great Who Sees What video series about all of these rules and how to best use them.
2. Disable the export report permission.
   It’s important to remember there’s a permission that allows users to export reports out of Salesforce into Excel or a .csv file. With this permission disabled, you minimize the risk of data being exported and shared with unauthorized users.
3. Use Salesforce Health Check.
   This tool measures how well your security settings meet either the Salesforce Baseline Standard or your selected custom baseline. It allows you to audit your security settings and expose potential vulnerabilities in your org. This helps you proactively take steps to prevent security issues.
4. Implement multi-factor authentication (MFA).
   MFA is a very useful tool in any admin’s toolbox. It’s an authentication method that requires the user to provide two or more verification factors to log in to a Salesforce org. MFA is the easiest way to secure your org from unqualified login or phishing attempts.

My advice is to proactively utilize the tools available to you, and continually test for weaknesses and improve further. I set a fortnightly (that’s every 2 weeks for you non-Aussies) reminder to run Health Check, which helps me ensure the data within Salesforce is protected and that I prevent any issues from becoming bigger problems.

Why is security management important for Salesforce Admins?

Cybersecurity skills are increasingly becoming in demand within the tech industry, especially for Salesforce Admins. By being a security-minded admin, you’ll have a skill that many employers desire which, in turn, will help further your career prospects as the industry grows.

Become a security champion within your organization and advocate for a positive culture that prioritizes security management. Showcase your skills on your resume by detailing the processes you’ve put in place to safeguard information. You can go further and even quantify the amount of data that’s now secure due to your actions, and highlight how that has positively impacted your company. Your security management efforts can also help your company promote their data privacy and security controls to customers, building trust and increasing customer confidence.

How can I learn and develop my security management skills?

I truly believe it’s important to continuously challenge yourself and learn. Strive to become a security champion at your own organization, and point yourself and your company in the right direction to protect your Salesforce org.

Trailhead is your best resource to learn how to manage security within your Salesforce org.

1. Start with the Protect Your Salesforce Data trail to learn the basics and more about keeping your data safe.
2. Next, I recommend earning your Security Specialist Superbadge.
3. Be sure to participate in Trailhead Quests as they come out, such as the Multi-Factor Authentication Quest to become an MFA expert.

Take these three steps to build your success:

1. Explore the new Salesforce Admin Skills Kit to learn how to represent your skills when applying for admin jobs or preparing for performance reviews.
2. Share these skills on social media using #AwesomeAdmin, and tell other admins three skills you’re going to commit to developing this year.
3. Revisit admin.salesforce.com next Tuesday for the next blog post in this series!

Resources

• Salesforce Admins Blog: 5 Steps Every Admin Should Take to Secure Their Org
• Salesforce Admins Blog: Managing Security for Multiple Orgs Just Got Easier
• Salesforce Admins Podcast: Security Breaches and MFA with Ian Glazer and Laura Pelkey Podcast