Earlier this year Salesforce released a new feature both in Lightning Experience and Salesforce Classic. It allows admins to run a Health Check. This reports on your security vulnerabilities and where your org stands compared to Salesforce-recommended baseline. This might sound like old news to some, as the new feature was implemented in the Spring 16’ Release. However, we noticed many of our clients are not taking advantage of this feature. They had no idea how simple it is to benchmark their orgs against Salesforce security standards.
Salesforce Baseline
The Salesforce Baseline standard contains recommended values for the Session Settings, Password Policies, and Network Access setting groups. If you change all of a group’s settings to be less restrictive than what’s in the Salesforce security standard, your health check score will be low.
A proprietary formula calculates the Health Check score by measuring how well your security settings meet the Salesforce Baseline standard. Some settings might meet or exceed the standard causing your score to be raised while settings not meeting the Salesforce security standards and requirements will lower your score. According to the Salesforce Security Implementation Guide – “some settings like Minimum Password Length have a heavier weight, so they have a higher impact on your score”. If you have changed your password to be less restrictive, the Health Check will list this as a risk.
The good news is that you can address any deficiencies as you see fit, with only a couple of clicks, right from the dashboard!
- In the Setup area, search for Health in the quick find box.
- You’ll see a link for Security Health Check.
- From here, you’ll see a dashboard with Salesforce’s diagnosis. This outlines which areas of your settings present a high risk, medium risk, or low risk compared against the standard Salesforce Baseline.
Eliminate Risks
- To eliminate risks, click to edit the setting to change them manually or use Fix Risks to quickly change settings to the Salesforce-recommended values.
- Once your settings meet the standard, they will listed at the bottom of the Health Check page.
Note: You can only use Fix Risks to change the Login Access Policies, Password Policies, and Session Settings groups.
Your total score should be 100 if all your settings meet or exceed the Salesforce security standards! If you haven’t done your Health Check yet, we strongly recommend you to do so. Then implement the recommended security changes to protect your data.
Need to Improve Your Org to Meet Salesforce Security Standards?
Our team has helped dozens of clients improve their security settings to meet with Salesforce standards. We’re happy to take a look at yours as well. Contact our team of experienced business analysts and architects to start your security review today.