Salesforce.com Expands trust.salesforce.com to Lead Education and Awareness of Security Best Practices

Salesforce.com to discuss security best practices at Dreamforce 2007

SAN FRANCISCO - Salesforce.com Dreamforce Conference - September 17, 2007 - Salesforce.com [NYSE: CRM], the market and technology leader in on-demand business services, today announced the expansion of trust.salesforce.com to include security best practices. As more companies adopt on-demand technology, the goal of trust.salesforce.com/security is to educate companies on security best practices for multi-tenant Software-as-a-Service applications. 

"As the leader in on demand, we must also take a leadership role in security education, which is why we are offering this resource to help customers to raise their security awareness," said Parker Harris, executive vice president, technology, salesforce.com. "Our 'trust' site has been a hit with customers, so adding security was a natural extension for us as part our ongoing effort to educate and respond to our customers' needs."
Trust.salesforce.com is salesforce.com's dedicated site for live performance data and service history. It provides system status per server, number of transactions and speed per transaction. Designed to keep customers informed of up to the minute service availability and help users increase productivity, the site alerts users to any performance issues on any of its servers, as well as any scheduled maintenance. The new security section of the site is dedicated to providing customers with educational content on security best practices, including information on email fraud, what to look for on the salesforce.com log in page, and password protection. The site will be regularly updated with the latest security best practices.

An example of a topic featured on trust.salesforce.com/security is email fraud. Email fraud is an increasingly common danger for unsuspecting online consumers and business users today. One of the most popular scams are "phishing" attacks, which use social engineering to steal consumers' personal identity data and financial account credentials using 'spoofed' emails, and leading them to counterfeit websites designed to trick recipients into divulging financial data such as credit card numbers, account user names, passwords and social security numbers. According to the latest report by the Anti-Phishing Work Group (AFWG), the number of phishing sites rose to 14,191 in July, an 18 percent increase over May, the previous all-time high.  Most major ecommerce companies, financial institutions, and service providers have seen their users targeted by phishing attempts.

End-user awareness and education is the key to avoiding security issues caused by phishing and other security threats. Salesforce.com recommends that customers take the following steps to enhance the security of their organizations:
  • "White list" IP addresses in email filters
  • Include IP restrictions as part of profiles in the Salesforce application
  • Require two-factor identification for users
  • Regularly update and reinforce security and education with end-users

At Dreamforce 2007 taking place this week, salesforce.com will offer a session on security best practices covering the latest Internet risks, what security measures salesforce.com has taken, and advice on how to educate end users on security. 

Trust.salesforce/security is live now. Salesforce.com encourages customers to email security@salesforce.com if they receive any suspicious emails. For more information about phishing and how to prevent it, see www.antiphishing.org.

About Salesforce.com

Salesforce.com is the world’s largest provider of customer relationship management (CRM) software. For more information about salesforce.com (NYSE: CRM), visit: www.salesforce.com/ap/.

Any unreleased services or features referenced in this or other press releases or public statements are not currently available and may not be delivered on time or at all. Customers who purchase salesforce.com applications should make their purchase decisions based upon features that are currently available. Salesforce.com has headquarters in San Francisco, with offices in Europe and Asia, and trades on the New York Stock Exchange under the ticker symbol “CRM.” For more information please visit http://salesforce.com/ap/, or call 800 1301 448 (Singapore) or 800 967 655 (Hong Kong) or +65 6302 5700.