Just think about it: the thought of storing thousands of pieces of your data in the cloud can cause a nervous breakdown. With the frequent headlines about hacking and data breaches, you may wonder how secure a cloud CRM solution can be.
With so much of your data at stake, it’s good to be concerned about CRM data security. If your CRM data is hacked it can destroy customer trust and harm your business. While the typical validation method is where users supply a username and password, this has significant drawbacks, particularly as cybercriminals become more organized and skilled. The problem is that once a hacker figures out just one password, they’ll likely get access to several accounts. To simplify their personal and work lives, most users resort to using the same password across their work and home platforms.
XTIVIA recommends a few different ways to lock down your data. First, it’s important to understand your data and restrict access appropriately by securing data in multiple layers. Also, training your users on your security protocols helps prevent breaches, as many employees unintentionally or carelessly pass around documents, data, and even passwords. With that in mind, here are some best practices we employ to maintain quality data security:
Login Hours
For each profile, you can set specific hours when users can log in. There are two options, one for Enhanced Users and the other for Original Users.
Two-Factor Authentication
Two-Factor Authentication (2FA) or other Single Sign-On options provide many benefits by requiring a second form of identification. This decreases the possibility of an outside attacker impersonating a user and gaining access to your data. This can increase productivity and flexibility by embracing mobility as it contributes to higher productivity. The user can now securely access your data virtually from any device or location without putting data at risk.
XTIVIA highly recommends the use of 2FA, and there are two types of 2FA: User Interface Logins and API Login permissions.
The Two-Factor Authentication for User Interface Logins is an efficient way to protect your data. Each user profile requires multiple authentication when they log in. To set the requirement, select permission in the user profile (for cloned profiles only) or permission set.
The Two-Factor Authentication for API Logins is to set permission to use a second authentication challenge for API access to Salesforce. API access requires a verification code or what is called a “Time-based One-time Password” (TOTP). The user connects to their account by a verification code generated by an authenticator app.
Login IP Address and Trusted IP Ranges
For any customer who has users working from a set location — such as an office to use IP Address Ranges — XTIVIA also recommends using a range of IP addresses. This provides exclusive use and control of login access, which restricts logging in at a granular level.
When you define IP address restrictions for a profile, a login from any other IP address is denied. This improves compatibility with some older web browsers; however, it can be more burdensome for organizations whose users log in from various locations.
Also, you can set a list of Trusted IP Address Ranges from which they can always log in without receiving a login challenge. But users can log in to your organization after they provide the additional verification. So, this does not entirely restrict access for users outside of the Trusted IP Range. After these users complete the login challenge (usually by entering a code sent to their mobile device or email address), they can log in.
Salesforce Approach to Security
While it’s important for all CRM users to ask about how they can isolate their Salesforce data, it’s vital to know what measures Salesforce takes to keep their data secure.
Salesforce employs a multi-tiered approach to user security: access permissions, user roles, session timeouts, and customization. If a device is lost or stolen, it will quickly become useless, as access from an untrusted network requires a pre-issued security token that only authorized users can access. These, and many other features, ensure that your CRM data is only accessible by those employees who have a legitimate need for it.
Ultimately, for the safety of your data, implement the security controls you think are appropriate for the sensitivity of your data. Salesforce security features can do just that by helping you empower users to do their jobs safely and efficiently. Of course, at any time you need assistance, XTIVIA is here to help!