Content security for Salesforce – an added cost or an enabler?
As malicious actors ramp up their attacks on organizations’ cloud platforms, it’s vital your Salesforce content is effectively secured at all times. Here we outline the risks and explain how F-Secure Cloud Protection thwarts attackers’ ambitions
Salesforce is one of the world’s leading cloud SaaS platforms. For many traditional enterprises, it is often the first step they take into the cloud, since it offers a proven way to modernize an organization’s sales function fast, without the need for extensive capital IT investment. Yet it’s vital you use the platform in a secure way.
“Hang on,” you might say, “aren’t cloud service providers responsible for securing their systems so we don’t have to? Isn’t that why they display all those security accreditations and certifications?”
Yes, but only up to a point. When you sign up to a cloud service, you typically also sign up to what’s known as a ‘shared responsibility model’ of security. Salesforce, for instance, guarantees to maintain various aspects of system and application security – such as authenticating any users and devices accessing the system, as well as enforcing various rules, permissions and roles that you’ve set up. But it’s your organization’s responsibility to secure any files and links uploaded or shared on the Salesforce platform, whether by your own staff or external users such as partners and customers.
Don’t fall foul of the regulators
Upholding your end of the shared responsibility agreement is not just a ‘nice to have’ – increasingly, organizations will find themselves subject to reputational damage, fines and prosecutions if their security and data protection efforts are deemed to have been inadequate.
Already, the EU’s General Data Protection Regulation (GDPR) places tough financial penalties on organizations deemed to have shirked their security responsibilities, and other regions are following suit. For example, in the US, the new California Consumer Privacy Act (CCPA) is baring similar teeth, and is increasingly being hailed as the likely model for other states’ regulation.
Traditional security measures aren’t enough
You might think your existing security systems already have you covered, but typically this is not the case, particularly if you have traditionally focused on securing in-house, rather than cloud-based, systems. While you may have perfectly maintained, well-configured firewalls and network security systems protecting your internal systems from malware, ransomware, malicious links and other threats, access to cloud systems like Salesforce often bypasses these protections.
For example, people (whether your staff or external partners) may be using their own devices like smartphones and laptops to log in to Salesforce directly. Unless they happen to have comprehensive, up-to-date security systems running on those devices – which most don’t – there’s nothing to stop them unwittingly sharing a malicious link or attachment, for example in the Salesforce Sales Cloud or Chatter. This could then be clicked or downloaded by others on the system, infecting their devices in turn.
Threats distributed on the platform could propagate through your network and ultimately lead to damage to, or a data breach from, your internal systems. They could also be downloaded by partners or customers of community cloud service, causing their own systems, devices and/or data to be compromised, with all the legal, reputational and financial consequences that implies.
F-Secure Cloud Protection: made for Salesforce
So how can you ensure you do all you need to do to protect Salesforce from your side? That’s the challenge we focused on when we designed F-Secure Cloud Protection for Salesforce.
The system offers dedicated security components to mitigate the risks posed by files, links and emails posted on – or downloaded from – Salesforce, without hindering use of the platform. It’s tightly integrated with the Salesforce cloud, meaning it can be deployed from the Salesforce AppExchange in minutes, with no need for additional IT work like setting up middleware or modifying network configs. The native cloud integration also means it’s lightning fast in operation.
How does it work?
Every time a user uploads or downloads a file or other content to one of the Salesforce clouds (e.g. Sales Cloud, Community Cloud, Service Cloud, etc) the system automatically scans it for threats – including malware, phishing links, inappropriate content or disallowed file types. You can also set up regular scheduled scans (whether of specified areas of Salesforce or everything you have on there).
If the system doesn’t recognize a file, it is uploaded to the F-Secure Security Cloud for deeper threat analysis using multiple anti-malware engines. This handles more than 8 billion queries a day using the most advanced, up-to-date technologies, techniques and intelligence available to provide next-generation security and real-time threat analysis. The system also uses advanced machine learning techniques to decide whether to send a file for further analysis to our Smart Cloud Sandbox, where its behavior can be observed safely to identify even highly advanced ‘zero-day’ (previously unseen) threats.
Why is it better than rival products?
Other security products in the AppExchange only scan files when they’re uploaded to Salesforce, not when they’re downloaded. This means they do not pick up threats where content is changed after it’s been uploaded (for example, if a malicious user amends a previously clean link to point to some malware). Additionally, they tend to lack the analytics capabilities needed to make informed decisions to improve security measures.
It’s possible to scan your Salesforce cloud for both uploaded and downloaded threats using a company-wide security system outside the AppExchange, by connecting it with a piece of middleware known as a cloud access security broker (CASB). In addition, whereas solutions integrated with the Salesforce cloud like ours are encrypted end-to-end, CASBs need to break the encryption midway, meaning they are inherently more prone to vulnerabilities.
F-Secure Cloud Protection features rich reporting, flexible alerting, advanced analytics and full audit trails, meaning your security people can investigate content-based attacks in seconds, confirm or rule out Salesforce as the source of any attack, uncover details of attackers (such as IP addresses) and identify any users who’ve accessed malicious content. Admins can also customize automated responses to potential threats according to their own organization’s security policy, for example deciding whether to block content like executable files or simply flag them up to users with a warning.
Why is content protection good for business?
All organizations today are operating in a wide, inter-connected web of suppliers, vendors, partners and customers.
Supply chains are long and there is often a high degree of inter-dependency between the organizations within the supply chain.
The more connected your organization is, the more exposed you are to cyber risk. Therefore, many organizations are limiting their usage of shared cloud platforms, such as Salesforce Community Cloud, which can hinder growth and innovation.
By enabling Cloud Protection for Salesforce, F-Secure provides you with an opportunity to safely extend your usage of Salesforce and to collaborate effectively in areas previously deemed to be too risky. F-Secure’s ultimate goal is to enable you to innovate without compromising security.
Future-proof protection – find out more
With F-Secure Cloud Protection, you won’t just be upholding your side of the shared security agreement – you’ll be going above and beyond requirements by employing the gold standard for Salesforce security. Powered by F-Secure’s continually updated threat intelligence capabilities, you can be sure your Salesforce cloud will always have optimum protection as the threat landscape evolves. For more details, you can download our product brochure and solution overview here.
Categories