Salesforce Security Roadmap of 2021

Salesforce working to protect customer data with Multi Factor Authentication

Corporate security breaches are on the rise, and Salesforce is working hard to protect their customers by requiring them to use multi-factor authentication. This will go into effect in February 2022.📆

It’s been a year for hacking, and weak or reused passwords are often the easiest way to get in, but as we know: it's never too soon to put your data security first and make sure you're protecting it from the majority of cyberattacks. That is why Salesforce will be requiring all customers to enable multi-factor authentication which is one of the simplest and most effective ways to secure your data. That's why, beginning February 1st, 2022 all Salesforce customers must use MFA in order to access Salesforce products. [Click here to tweet]

MFA is becoming increasingly important for all businesses. And, if you are not taking it seriously enough already - then as time goes on and the digital world becomes more connected and complex- your lack of MFA will no longer be an option but could threaten to ruin any chance at success that may exist today so, it's better to make security your top priority today.

Enable MFA with Session Security Levels

Multi-factor authentication (MFA) is a robust authentication method that enhances security by requiring users to provide two or more pieces of evidence (or factors) to verify their identity during login. One factor is something the user knows, such as a password or username, while other factors may include something the user possesses, such as an authenticator app or security key. By linking user access to multiple types of factors, MFA significantly reduces the likelihood of successful attacks like phishing and account takeovers, making it a more formidable defense against common threats.

To enable multi-factor authentication (MFA) in your Salesforce session settings, you can choose either the standard or high assurance security level assigned to a login method. For further information on this feature, please click here.

Don’t wait for a breach to start thinking about security

The security challenges of WFH should be no surprise. After all, people have been doing it for years before COVID-19 lockdowns even started happening. As the world becomes more and more interconnected, cybercriminals are finding new ways to exploit vulnerable systems. The time of increased connectivity, with businesses quickly adopting new solutions such as cloud-based solutions in order to get a unified view across their business. This has created an opportunity for criminals to exploit connected systems in ways never before possible.

The future is now, and companies have been forced to quickly make adjustments in order to stay ahead of the curve. Companies are increasing security along every handoff using tools like Mulesoft’s API Manager and Salesforce Shield which help protect against common threats.

Let's experience swift, secure, smooth login!

The login process (with this much security) has never been easier.Your business deserves the best - that's why Salesforce offers simple, innovative MFA solutions that support several types of strong verification methods including the Salesforce Authenticator mobile app and third-party time-based one-time passcode (TOTP) authenticator apps, and WebAuthn and U2F-compliant security keys. Here you download it on IOS and Android:

Forget about forgotten passwords with Lightning Login

It’s time for you to ditch passwords, forget about forgotten credentials, and take on frictionless identification with Salesforce Authenticator. Skip the hassle of typing in your password every day. With Lightning Login, you can log in to your Salesforce account without having to type in a password. Just click your username and tap to approve the login with Salesforce Authenticator and the added security of your thumbprint.

Salesforce is here to help with the MFA Assistant

The Multi-Factor Authentication Assistant is here to make your life easier. It is your central hub for delivering MFA to your users. The assistant will guide you through the process step by step for a successful rollout, from evaluating requirements and planning your project to implementing MFA, launching it to users, and driving adoption.

Visit here to learn more.

Let’s take a deep dive into MFA

Let's not get it twisted, MFA is a broader topic to cover it all just in one blog. But to give you a deep dive into Multi-Factor Authentication we are here providing you some articles which will help you in understanding it more deeply.

  1. How to Roll Out Multi-Factor Authentication

  2. Multi-Factor Authentication Customizations

  3. Use U2F Security Keys as a Verification Method

  4. Register Verification Methods for Multi-Factor Authentication

  5. Disconnect a User’s Verification Method

  6. Generate a Temporary Identity Verification Code

  7. Expire a Temporary Verification Code

  8. Delegate Multi-Factor Authentication Management Tasks

  9. Here is a detailed guide for the admins on Multi-Factor Authentication

Salesforce is confident that its products are secure and wants to give its customers peace of mind. Take a moment and click here to read about Salesforce’s commitment to security and the customer Multi-Factor Authentication (MFA) requirement. If you have any questions, please feel free to get in touch with us in the comments below.

References:

  • https://apps.apple.com/us/app/salesforce-authenticator/id782057975

  • https://play.google.com/store/apps/details?id=com.salesforce.authenticator&hl=en

  • https://www.salesforce.com/news/stories/2021-raises-new-cybersecurity-issues-how-salesforce-is-mitigating-the-risks/

  • https://www.govtech.com/blogs/lohrmann-on-cybersecurity/2020-the-year-the-covid-19-crisis-brought-a-cyber-pandemic.html

  • https://help.salesforce.com/s/articleView?id=000392813&type=1

  • https://www.infosecurity-magazine.com/news/misconfigured-bucket-exposes/

  • https://www.mulesoft.com/resources/api/api-security

  • https://help.salesforce.com/s/articleView?id=000388806&type=1

  • https://www.securitymagazine.com/articles/94865-almost-20-increase-in-corporate-security-breaches-since-wfh

  • https://admin.salesforce.com/blog/2020/multi-factor-authentication-as-easy-as-washing-your-hands

Abhinav Gupta

First Indian Salesforce MVP, rewarded Eight times in a row, has been blogging about Salesforce, Cloud, AI, & Web3 since 2011. Founded 1st Salesforce Dreamin event in India, called “Jaipur Dev Fest”. A seasoned speaker at Dreamforce, Dreamin events, & local meets. Author of many popular GitHub repos featured in official Salesforce blogs, newsletters, and books.

https://abhinav.fyi
Previous
Previous

The Countdown to Dreamforce'21 is on!

Next
Next

Are you ready for TrailheaDX’21