Astro holding a security sign next to text that says, "Freemium and Premium Salesforce Security Tools."

Salesforce Security: Enhanced Visibility with Freemium and Premium Tools

By

Salesforce Admins have access to a variety of tools that provide visibility into the security of their Salesforce orgs. At Salesforce, we believe in a holistic approach to security that addresses both low-hanging fruit (like easy-to-fix settings) as well as more complex needs. To help admins with this, Salesforce offers native dashboards and reporting tools (Health Check, Salesforce Optimizer, etc.), as well as paid products that provide enhanced visibility of security considerations (Security Center).

Though some are built-in and others come at a cost, there is deep inherent value in all of these tools depending on your security needs. Let’s dive into these amazing tools!

Health Check (built-in)

Salesforce orgs are built with security in mind, but there are certain things left up to you—the customer—to configure based on the unique needs of your company. Health Check gives admins visibility into all of your security settings in one view. You can find and run Health Check in the Quick Start menu by typing “Health Check.”

Configuring settings in a certain ways, like selecting more secure password requirements or limiting a user’s session length, will increase or decrease your Health Check score depending on what you choose. A summary score (0-100) shows how your org measures against a security baseline like the Salesforce Baseline Standard. You also have the ability to upload up to five custom baselines to use instead of the Salesforce Baseline Standard! Once you’ve initially updated your security settings to get a good score, we recommend running Health Check after every release (three times a year) to ensure that nothing has changed within your org and you can address any new security settings right away.

Salesforce Optimizer (built-in)

Salesforce Optimizer is another built-in tool available to admins to increase the visibility of crucial components of a Salesforce org (such as a handful of security-related components). Optimizer takes a snapshot of your Salesforce org and looks for potential problems in your implementation—it’s pretty powerful! In terms of security, the tool gives you detailed data right inside your org on more than 50 metrics covering everything from users with admin-level permissions, storage, fields, custom code, custom layouts for objects, reports and dashboards, and much more.

User Access and Permissions Assistant (free on AppExchange)

The User Access and Permissions Assistant gives admins the ability to manage permissions and permission assignments like never before. This ability is especially important given the recent announcement of end of life (EOL) of permissions on profiles, which will go live in the Spring ’26 Release.

This app, available for free on AppExchange, allows you to:

  • Analyze a user’s permission and the permission origins.
  • Report on permissions by user, by permission set, or by dependency, and extract.
  • Manage permission set groups and see combined permissions, manage muting, and manage assignments in an easy wizard.

The best part? This tool is fully supported by Salesforce!

Security Center (add-on)

The last tool we’ll dig into is Security Center, one of our add-on products. Yes, it’s an additional cost, but the value it provides in terms of security is endless. Think of it like Health Check on another level: It consolidates security information across ALL of your Salesforce orgs into one view and even includes other security feeds. It’s especially useful for larger companies that manage many orgs and have enhanced security needs.

This extremely powerful product further simplifies the management of security across Salesforce, making sure customers have a strong understanding of their security posture and driving insights to improve it where necessary. Security Center does this by tracking more than 60 key user permissions and org configuration metrics for each of your Salesforce orgs, and then consolidating them into a single view so you have a clear view into your security posture across your entire Salesforce environment.

When it comes to security, the more you do proactively to protect your data will pay off in dividends by avoiding unnecessary risk. Hopefully, this guide to Salesforce’s freemium and premium security visibility tools is helpful!

Additional resources

Core responsibilities of a Salesforce Admin

Core Responsibilities of a Salesforce Admin: Your Blueprint for Success

As admins, you hold the keys to success for your users and companies to get the most out of Salesforce. You have the unique opportunity to build and manage trusted solutions that drive productivity and innovation through five core admin responsibilities: security, user management, data management, analytics, and a new core responsibility: product management.  The […]

READ MORE
User management enhancements Winter '25

User Management Enhancements | Winter ’25 Be Release Ready

Winter ’25 is almost here! Learn more about user management and check out Be Release Ready to discover more resources to help you prepare for Winter ’25. We’re continuing to innovate in Setup starting with user access and user management. We have several exciting enhancements in store for Winter ’25–many thanks to your feedback and […]

READ MORE
Troubleshoot user access with SOQL

How to Troubleshoot User Access with SOQL (Beginner Friendly)

Awesome Admins, we know that troubleshooting user access is a common task. You’re frequently asked questions like “Why can Jane access this field, but John can’t?” or “Why can John view this record when he shouldn’t be able to?” In Summer ’24, we introduced helpful summary views for users, public groups, permission sets, and permission […]

READ MORE