Salesforce security and compliance is a shared responsibility and you, the end-customer, have skin in the game. Salesforce is a PaaS, and its compliance with regulations like HIPAA, PCI, and HITRUST don't flow down to your compliance unless you (or your SI) configure the security controls correctly. That starts with an accurate assessment of your current state to inform your actual risks and then a prioritized daily, weekly, and monthly remediation plan to reduce risk. We reviewed some interesting statistics based on the Salesforce Security Risk Assessments RevCult completed in 2019, along with a checklist of actions you can take to complete your own assessment. Also discussed are specific things you should be doing today to ensure your Salesforce security controls, given current situation surrounding the COVID-19 pandemic, along with the rapid expansion of remote workforces, e.g. IP restrictions, user authorization, and more. To underscore the potential areas of risk, data from RevCult's Salesforce Security Risk Assessments include:
Recorded April 3rd, 2020 at 1:00 PM EDT Hosts: www.revcult.com / https://www.sans.org/webcasts/
|
||||
|