Salesforce.com Expands trust.salesforce.com to Lead Education and Awareness of Security Best Practices
SAN FRANCISCO - Salesforce.com Dreamforce Conference - September
Salesforce.com to discuss security best practices at Dreamforce 2007
- Salesforce.com [NYSE: CRM], the market and technology leader in on-demand
business services, today announced the expansion of trust.salesforce.com to include security best
practices. As more companies adopt on-demand technology, the goal of trust.salesforce.com/security
is to educate companies on security best practices for multi-tenant Software-as-a-Service
"As the leader in on demand, we must also take a leadership role in security education, which
is why we are offering this resource to help customers to raise their security awareness," said
Parker Harris, executive vice president, technology, salesforce.com. "Our 'trust' site has been a
hit with customers, so adding security was a natural extension for us as part our ongoing effort to
educate and respond to our customers' needs."
Trust.salesforce.com is salesforce.com's dedicated site for live performance data and service
history. It provides system status per server, number of transactions and speed per transaction.
Designed to keep customers informed of up to the minute service availability and help users
increase productivity, the site alerts users to any performance issues on any of its servers, as
well as any scheduled maintenance. The new security section of the site is dedicated to providing
customers with educational content on security best practices, including information on email
fraud, what to look for on the salesforce.com log in page, and password protection. The site will
be regularly updated with the latest security best practices.
An example of a topic featured on trust.salesforce.com/security is email fraud. Email fraud
is an increasingly common danger for unsuspecting online consumers and business users today. One of
the most popular scams are "phishing" attacks, which use social engineering to steal consumers'
personal identity data and financial account credentials using 'spoofed' emails, and leading them
to counterfeit websites designed to trick recipients into divulging financial data such as credit
card numbers, account user names, passwords and social security numbers. According to the latest
report by the Anti-Phishing Work Group (AFWG), the number of phishing sites rose to 14,191 in July,
an 18 percent increase over May, the previous all-time high. Most major ecommerce companies,
financial institutions, and service providers have seen their users targeted by phishing attempts.
End-user awareness and education is the key to avoiding security issues caused by phishing
and other security threats. Salesforce.com recommends that customers take the following steps to
enhance the security of their organizations:
- "White list" IP addresses in email filters
- Include IP restrictions as part of profiles in the Salesforce application
- Require two-factor identification for users
- Regularly update and reinforce security and education with end-users
At Dreamforce 2007 taking place this week, salesforce.com will offer a session on security
best practices covering the latest Internet risks, what security measures salesforce.com has taken,
and advice on how to educate end users on security.
Trust.salesforce/security is live now. Salesforce.com encourages customers to email
email@example.com if they receive any suspicious emails. For more information about phishing
and how to prevent it, see www.antiphishing.org.
Salesforce.com is the world’s largest provider of customer relationship management (CRM) software. For more information about salesforce.com (NYSE: CRM), visit: www.salesforce.com.
Any unreleased services or features referenced in this or other press releases or public statements are not currently available and may not be delivered on time or at all. Customers who purchase salesforce.com applications should make their purchase decisions based upon features that are currently available. Salesforce.com has headquarters in San Francisco, with offices in Europe and Asia, and trades on the New York Stock Exchange under the ticker symbol “CRM.” For more information please visit http://salesforce.com, or call 1-800-NO-SOFTWARE.