Why Protect Salesforce?
Enterprise salesforce implementations are generating business-critical data that directly impacts not only customer engagements, but revenue, staffing and strategic business decision-making. Like most SaaS providers, Salesforce guarantees availability and uptime of services and systems. This includes data replication. However, application availability is not the only vector impacting business continuity. Responsibility for long-term retention, privacy, and security of data remains with the customer. A third-party data protection solution is needed in order to meet these requirements.
Customers remain responsible for protection against administrator and user errors resulting in data corruption and data loss. This is particularly important for Salesforce because of how easy it is for Salesforce implementations to become “broken.” Practically speaking, all Salesforce implementations are customized. Developers modify screen layouts, add and remove custom fields, and more in order to make the Salesforce implementation as seamlessly usable as possible for their organization’s needs. In fact, Salesforce includes a feature called Data Loader that allows for the mass creation, deletion, and editing of records. As a result, the accidental, erroneous, or malicious, mass deletion and/or modification of entries, configurations, custom code, etc. becomes all too easy. A copy of metadata is required to restore settings. This is on top of the need to be able to recover data in the event that it is accidentally deleted by users. As will be discussed further in the next section of this paper, the Salesforce Recovery Bin cannot be relied upon to provide a suitable recovery point.
Protection against the onslaught of malicious attacks is also required. This includes protection against external threats such as ransomware, which is making headlines – and for good reason, considering not only its prevalence of attacks but also their potential impact in terms of downtime for the business and data loss. It also includes attacks from malicious insiders – such as a disgruntled storage administrator attempting to delete storage volumes, for example.
Download this free Technical Insight report to continue reading.
