Security Management at Scale with Security Center Extension Package

Salesforce completed our acquisition of Own and not longer after, we started bringing key functionality from Own products into Salesforce existing solutions.

One of key additions to our already comprehensive Trusted services and security portfolio was the Security Center extension package which is free to use for all existing Security Center customers and is available as a managed package. As we continue the integration of Own products into Salesforce you can expect functionality added to our native solutions.

In this article, we will explore how you can utilise the new Security Center features across key areas of an effective security management and observability strategy that involves data classification, operational risk assessment with clear strategies to manage risks and data access control. Based on experience interacting with customers across the globe from different industries and with varied security maturity levels, the features covered in this article are crucial to implement successful security management policies and scale.

Installing Security Center extension packages

To get started, we need to install the extension package on the Salesforce you plan to use the new features. In a future release, we plan to incorporate more of these capabilities in the native application for an improve customer experience. As many other Salesforce managed packages, the installation process is quite simple and well documented.

You can find a step by step guide to install your Security Center extension package here. Once you complete the installation steps, a new application, Security Center Extension, will be available via application picker menu.

You can’t protect what you don’t know – data classification

When discussing security improvement strategies, our customers quickly realise how essential is to have objects and fields identified, classified and labeled correctly. From creating specific metadata labels to understanding and managing data effectively, Salesforce provides tools to help customers better understand and organise their data, ensuring they can meet their customers’ needs efficiently. Data classification in Salesforce allows customers to gain deeper insights into their data through three key features: Data Owner Field, Field Usage, and Data Sensitivity.

Once your organisation defines and implements a correct data classification implementation, the information captured in then used in a multitude of security policies from field-level encryption to transaction security policies and data masking job configuration. You really need to focus in identifying sensitive information so you can more effectively protect it.

Data Owner Field – indicates which group or user owns a particular field. If your organisation has multiple groups modifying fields in the Salesforce instance, it can be unclear why a field exists or how it should be used. By clearly defining ownership, you can streamline data management, ensure accountability, and apply the necessary security controls.

Field Usage – another component in your data security strategy. It helps reduce the risk footprint by eliminating unnecessary data. The usage label declares fields based on their current status—whether they are in use, hidden, or are up for deprecation. This categorisation aids in maintaining a lean and efficient data structure, minimising unnecessary data storage, and reducing potential security risks.

Data Sensitivity – this classification indicates the level of sensitivity of the data typically stored in a field. It enables customers to make informed decisions about how and in what way data can be used. By classifying data sensitivity, organisations can implement appropriate security measures and compliance protocols. This ensures that sensitive information is adequately protected and handled according to regulatory requirements, thereby enhancing overall data security.

But you might be asking yourself where to start your data classification efforts. Salesforce offers a great solution as part of our Security Centre add-on, embedding data classification best practices directly into org. You can get immediate access to pre-built classification templates that help you identify common field types, such as public fields, system fields, high-risk fields, and others. It can save a lot of time and provide a more accurate assessment of fields where sensitive data might be stored.

Once you’ve identified those target fields, classify them in bulk – with a single click. Classifying your data is crucial; it allows you to understand its risk and compliance impact, and then enforce least-privileged access – a key step in securing Salesforce

By leveraging these data classification features, Salesforce customers can significantly enhance their data management practices. These tools ensure that data is organised, secure, and used effectively to meet business objectives while maintaining compliance with security standards.

Who Sees What Explorer

How would you answer today to questions like “Which users have access to this record?” or “What permission set should you add so one user can read this highly sensitive information?”. For a long time, security professionals have designed access control frameworks based on principle of least privilege but with Salesforce approach to data access and its different layers of access control – Org, object, record, field, sharing rules – administrators and security teams can find challenging to report on users and they different access levels.

We believe that securing your sensitive data requires a well define access management process so only authorised users can access information. With the addition of “Who Sees What Explorer” module, you can now view your security authorisation model across your Salesforce organisation.

Using this Security Center module, the permissions associated with objects, fields, records can be more easily described. It also helps you ensure that your current permissions and permission sets have been configured and deployed in the way they have been designed.

Security Insights

The ability to track changes across your Salesforce environment and quantify and manage risks associated with it can be a difficult task to manage. Every organisation using applicable risk management processes and its own tolerance priorities and mitigation strategies, Security Center now provides Security Insights to help your organisation meet its risk management goals. It’s like having a risk expert right inside your Salesforce environment.

Automated risk assessments identify and prioritise threats based on out of the box recommended thresholds and your organisation’s specific risk tolerance, providing prescriptive guidance for risk management and mitigation strategies.

The Security Insights module in Salesforce offers a comprehensive overview of your organisation’s security posture, allowing for rapid assessment and review of key security metrics through six distinct lenses. It enables users to compare current security settings against best practice recommendations and customise risk ratings and scoring to fit organisational needs.

The Security Insights module categorises Salesforce security into six critical lenses, each essential for comprehensive risk management.

• Data Protection is used to highlight sensitive information and its classification as well as access controls, permissions and profiles that may pose as risk to unauthorised access and breaches.
• Integration focuses on the secure connection of Salesforce with other systems, such as Connect Apps and HTTP Callouts, preventing vulnerabilities during data exchange and external access to data stored in Salesforce
• Data Loss Prevention aims to protect against accidental or malicious data leaks, identifying users with high privilege access (i.e Modify All) and untracked fields containing sensitive information
• Access Control (Authentication) shows the user authentication methods utilised and information about password policies.
• The Security Model (Authorisation) provides a risk-driven view of user permissions, profiles and entitlements configured in your org.
• Monitoring continuously tracks and analyses security events and objects that should be monitored in the environment in order to quickly detect and respond to potential threats.

Users can exclude specific items or entire graphs to better align with their security requirements. Additionally, the module provides actionable insights for enhancing security scores through configuration updates. It also provides historical results that can be accessed via the Time Machine feature. Action Plans can then be printed as a PDF so you have detailed steps to follow for security improvement plan.

Security Center converts point in time assessments into one-click security posture reports, simplifying communication for audit, compliance, and security stakeholders. This allows you to expand your Salesforce ecosystem with confidence.

Whether you are already leveraging Security Center to manage your security posture and operational risks across your environment or a customer looking for ways to improve the ability to control your Salesforce rollout, the new Security Center extension package should be part of your strategy.