+ All Categories
Home > Software > How to Become a Security-Minded Admin

How to Become a Security-Minded Admin

Date post: 12-Apr-2017
Category:
Upload: salesforce-admins
View: 512 times
Download: 0 times
Share this document with a friend
20
How to Become a Security-Minded Admin August 24, 2016
Transcript
Page 1: How to Become a Security-Minded Admin

How to Become a Security-Minded Admin August 24, 2016

Page 2: How to Become a Security-Minded Admin

Speakers

Mike Gerholdt Sr. Manager, Admin Evangelism Salesforce @MikeGerholdt

Lynn Simons Director, Security Advocacy Salesforce @lsimons0524

Page 3: How to Become a Security-Minded Admin

Forward-Looking Statements

 Statement under the Private Securities Litigation Reform Act of 1995:

 This presentation may contain forward-looking statements that involve risks, uncertainties, and assumptions. If any such uncertainties materialize or if any of the assumptions proves incorrect, the results of salesforce.com, inc. could differ materially from the results expressed or implied by the forward-looking statements we make. All statements other than statements of historical fact could be deemed forward-looking, including any projections of product or service availability, subscriber growth, earnings, revenues, or other financial items and any statements regarding strategies or plans of management for future operations, statements of belief, any statements concerning new, planned, or upgraded services or technology developments and customer contracts or use of our services.

 The risks and uncertainties referred to above include – but are not limited to – risks associated with developing and delivering new functionality for our service, new products and services, our new business model, our past operating losses, possible fluctuations in our operating results and rate of growth, interruptions or delays in our Web hosting, breach of our security measures, the outcome of any litigation, risks associated with completed and any possible mergers and acquisitions, the immature market in which we operate, our relatively limited operating history, our ability to expand, retain, and motivate our employees and manage our growth, new releases of our service and successful customer deployment, our limited history reselling non-salesforce.com products, and utilization and selling to larger enterprise customers. Further information on potential factors that could affect the financial results of salesforce.com, inc. is included in our annual report on Form 10-K for the most recent fiscal year and in our quarterly report on Form 10-Q for the most recent fiscal quarter. These documents and others containing important disclosures are available on the SEC Filings section of the Investor Information section of our Web site.

 Any unreleased services or features referenced in this or other presentations, press releases or public statements are not currently available and may not be delivered on time or at all. Customers who purchase our services should make the purchase decisions based upon features that are currently available. Salesforce.com, inc. assumes no obligation and does not intend to update these forward-looking statements.

Page 4: How to Become a Security-Minded Admin

Get Social with Us!

@salesforceadmns

#awesomeadmin

Salesforce Admins

Salesforce Admins

The video will be posted to YouTube & the webinar recap page

(same URL as registration).

This webinar is being recorded!

Page 5: How to Become a Security-Minded Admin

Join the Admin Webinar Group for Q&A!

 Don’t wait until the end to ask your

question! •  We have team members on hand to answer

questions in the webinar group.

Stick around for live Q&A at the end!

•  Speakers will tackle more questions at the end, time-allowing

bit.ly/AdminWebinarGroup

Page 6: How to Become a Security-Minded Admin

Agenda

•  What does it mean to be a Security-Minded

Admin?

•  Important Security Features

•  DEMO – Security Controls in Setup; Security

Health Check

•  Resources

•  Q&A

Page 7: How to Become a Security-Minded Admin

The Security-Minded Admin

Page 8: How to Become a Security-Minded Admin

The Security-Minded Admin

Knows the available resources

Views security as

“never done”

Keeps a pulse on their

company

Understands key security principles

Page 9: How to Become a Security-Minded Admin

Key Security Principles

 Principle of least privilege

•  Give users the lowest level of user rights (access to read/write data) that they can have and still do their job

 Know your security landscape

•  Today’s target is the user – phishing is the most prominent attack vector

Defense in depth

•  Layered security mechanisms increase the security of the whole (i.e., firewall + anti-virus + two-factor authentication + login IP ranges)

Who sees what

Educate your users

Org security controls

Page 10: How to Become a Security-Minded Admin

Introducing: trust.salesforce.com/security  Currently at Beta at beta.trust.salesforce.com/en/security

•  Best practices

•  Resources •  Links to Trailhead modules

•  Admin & Developer resources

•  Upcoming events

•  Security Advisories

•  Something for everyone!

Page 11: How to Become a Security-Minded Admin

trailhead.salesforce.com

•  Security Basics

•  User Authentication

•  Data Security

•  Identity Basics

New on Trailhead: Protect Your Salesforce Data Trail

Page 12: How to Become a Security-Minded Admin

More Modules to Build Your Security Skills in Trailhead

Identity for Customers Use Salesforce Identity to engage your customers and attract new ones.

User Management Set up users and control how they can view or edit your business data.

Security Specialist (Superbadge) Flex your security muscles by locking down permissions and tracking changes.

Transaction Security Automatically monitor events and get instant notifications, based on rules you create.

Shield Platform Encryption Encrypt your data at-rest in the cloud and manage the life cycle of your encryption keys.

Event Monitoring Discover insights into your Salesforce org with this powerful monitoring feature.

Page 13: How to Become a Security-Minded Admin

Salesforce Security Features

Page 14: How to Become a Security-Minded Admin

Getting Started With 2-Factor (2FA) Authentication

•  Provides an extra layer of security beyond a password

•  Protects account access even if user’s password is compromised

 Two-Step Setup:

•  Setup a 2FA permission set

•  At login, users will be invited to use 2FA

Page 15: How to Become a Security-Minded Admin

Health Check

•  Immediate analysis

•  Actionable links

•  Salesforce standards/benchmarks

•  Password Policies

•  Session Settings

•  Network Access Configuration

Page 16: How to Become a Security-Minded Admin

DEMO

Page 17: How to Become a Security-Minded Admin

Key actions you can take today

ü  Know where to configure security controls in Setup

ü  Try out the Security Health Check ü  Take a look at your password policies, and make sure they meet

minimum standards for Salesforce and your company

ü  Evaluate adding two-factor authentication to your Salesforce orgs/users

Page 18: How to Become a Security-Minded Admin

Resources:

•  Trust.salesforce.com/security (during Beta: beta.trust.salesforce.com/en/security)

•  Trailhead

10 modules available to enhance your security knowledge

Security Basics is a great place to start!

•  Admin.salesforce.com blog posts

Search “security”

Come see us at Dreamforce in the Admin Café!

And on www.dreamforce.com for session recordings with great new security content!

Page 19: How to Become a Security-Minded Admin

Join the Admin Webinar Group

for Q&A!

bit.ly/AdminWebinarGroup

Page 20: How to Become a Security-Minded Admin

thank y u


Recommended