{"id":63587,"date":"2023-02-14T16:45:26","date_gmt":"2023-02-14T08:45:26","guid":{"rendered":"https:\/\/version-2.com.sg\/?p=63580"},"modified":"2024-09-13T16:31:43","modified_gmt":"2024-09-13T08:31:43","slug":"salesforce-data-security-is-native-security-enough","status":"publish","type":"post","link":"https:\/\/version-2.com\/en\/2023\/02\/salesforce-data-security-is-native-security-enough\/","title":{"rendered":"Salesforce data security: is native security enough?"},"content":{"rendered":"<div data-elementor-type=\"wp-post\" data-elementor-id=\"63587\" class=\"elementor elementor-63587\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-35fe5dd post-content elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"35fe5dd\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;cef08c3&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-409a2e9a\" data-id=\"409a2e9a\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-5a8be8f elementor-widget elementor-widget-text-editor\" data-id=\"5a8be8f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><img fetchpriority=\"high\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/66HnS5W1ZeiiMJsup7Yhlo\/33e9d715f423e1e83f08e9e228074681\/Data_security_in_Salesforce_cover_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp\" width=\"1400\" height=\"800\" \/><\/p><article><p class=\"my-4 blog-paragraph text-still-dark-blue\">Salesforce is a dominant player in the Customer Relationship Management sector. Around 150,000 companies use Salesforce to manage customer data and launch marketing campaigns, and the company enjoys a 33% market share.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">It\u2019s easy to see why. Salesforce\u2019s cloud-based tools save costs and time, simplify customer analysis, and integrate smoothly with other SaaS services. But is Salesforce a secure environment to run your business?<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">While Salesforce is generally safe to use, <strong>data security in Salesforce is still something users need to consider<\/strong>. Data breaches have exposed potential vulnerabilities. And users need to know how to use the Salesforce data security model when making their implementation more secure.<\/p><h2 id=\"data-security-in-salesforce\" class=\"Heading Heading-h2 text-dark-blue\">Data security in Salesforce<\/h2><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Data security is the protection of sensitive data handled by an organization<\/strong>. In the context of Salesforce, this refers to customer records, including financial information and private personal details such as names and contact details.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">The consequences can be severe if an organization loses control of data privacy protection. According to IBM, the average cost of a data breach is approximately $4.35 million. Companies that lose large volumes of sensitive customer data can expect to pay hefty compensation.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Salesforce is no exception<\/strong>. In 2019, Salesforce client Hanna Andersson <a class=\"hyperlink Link Link--blue-dodger font-medium\" href=\"https:\/\/today.westlaw.com\/Document\/I715743302b7e11ebb26bd3086ac74fc7\/View\/FullText.html?transitionType=Default&amp;contextData=(sc.Default)&amp;firstPage=true\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">suffered a major data breach<\/a>. A malware infection on the clothing retailer\u2019s Salesforce platform exposed over 200,000 customer accounts. Neither Hanna Andersson nor Salesforce knew anything about it.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Three months after the Salesforce breach began, law enforcement officers discovered confidential data for sale on the Dark Web. Customers immediately sued under the <a class=\"hyperlink Link Link--blue-dodger font-medium\" href=\"https:\/\/oag.ca.gov\/privacy\/ccpa\/\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">California Consumer Privacy Act (CCPA)<\/a>.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Salesforce and Hanna Andersson eventually settled the claim in 2021. Both companies accepted shortcomings in protecting user data, detecting malware, and informing customers. And they had to pay as much as $5,000 to affected customers.<\/p><div class=\"MuiBox-root jss30 jss20\"><p class=\"MuiTypography-root jss22 jss6 MuiTypography-subtitle2 MuiTypography-colorTextPrimary\" data-testid=\"text\">Related articles<\/p><div class=\"MuiBox-root jss31 jss21\"><p>\u00a0<\/p><div class=\"gatsby-image-wrapper jss26\" data-gatsby-image-wrapper=\"\"><div style=\"padding-top: 57.14285714285714%;\" aria-hidden=\"true\">\u00a0<\/div><div style=\"opacity: 0; transition: opacity 500ms linear 0s; object-fit: cover;\" aria-hidden=\"true\" data-placeholder-image=\"\">\u00a0<\/div><p><picture><source srcset=\"https:\/\/images.ctfassets.net\/5natoedl294r\/2XKc995qQTZlCqKYLHTYNH\/69d9f141fb2bf66367fa96df693b2cac\/Network_Access_Control__best_practices_web_1400x800.png?w=750&amp;h=429&amp;q=50&amp;fm=webp 750w, https:\/\/images.ctfassets.net\/5natoedl294r\/2XKc995qQTZlCqKYLHTYNH\/69d9f141fb2bf66367fa96df693b2cac\/Network_Access_Control__best_practices_web_1400x800.png?w=1080&amp;h=617&amp;q=50&amp;fm=webp 1080w, https:\/\/images.ctfassets.net\/5natoedl294r\/2XKc995qQTZlCqKYLHTYNH\/69d9f141fb2bf66367fa96df693b2cac\/Network_Access_Control__best_practices_web_1400x800.png?w=1366&amp;h=781&amp;q=50&amp;fm=webp 1366w, https:\/\/images.ctfassets.net\/5natoedl294r\/2XKc995qQTZlCqKYLHTYNH\/69d9f141fb2bf66367fa96df693b2cac\/Network_Access_Control__best_practices_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp 1400w\" type=\"image\/webp\" sizes=\"100vw\" \/><img decoding=\"async\" style=\"object-fit: cover; opacity: 1;\" title=\"Network Access Control best practices web 1400x800\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/2XKc995qQTZlCqKYLHTYNH\/69d9f141fb2bf66367fa96df693b2cac\/Network_Access_Control__best_practices_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=png\" sizes=\"100vw\" srcset=\"https:\/\/images.ctfassets.net\/5natoedl294r\/2XKc995qQTZlCqKYLHTYNH\/69d9f141fb2bf66367fa96df693b2cac\/Network_Access_Control__best_practices_web_1400x800.png?w=750&amp;h=429&amp;q=50&amp;fm=png 750w, https:\/\/images.ctfassets.net\/5natoedl294r\/2XKc995qQTZlCqKYLHTYNH\/69d9f141fb2bf66367fa96df693b2cac\/Network_Access_Control__best_practices_web_1400x800.png?w=1080&amp;h=617&amp;q=50&amp;fm=png 1080w, https:\/\/images.ctfassets.net\/5natoedl294r\/2XKc995qQTZlCqKYLHTYNH\/69d9f141fb2bf66367fa96df693b2cac\/Network_Access_Control__best_practices_web_1400x800.png?w=1366&amp;h=781&amp;q=50&amp;fm=png 1366w, https:\/\/images.ctfassets.net\/5natoedl294r\/2XKc995qQTZlCqKYLHTYNH\/69d9f141fb2bf66367fa96df693b2cac\/Network_Access_Control__best_practices_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=png 1400w\" alt=\"Network Access Control best practices web 1400x800\" width=\"1\" height=\"0.5714285714285714\" data-main-image=\"\" \/><\/picture><noscript><picture><source type=\"image\/webp\" srcset=\"https:\/\/images.ctfassets.net\/5natoedl294r\/2XKc995qQTZlCqKYLHTYNH\/69d9f141fb2bf66367fa96df693b2cac\/Network_Access_Control__best_practices_web_1400x800.png?w=750&amp;h=429&amp;q=50&amp;fm=webp 750w, https:\/\/images.ctfassets.net\/5natoedl294r\/2XKc995qQTZlCqKYLHTYNH\/69d9f141fb2bf66367fa96df693b2cac\/Network_Access_Control__best_practices_web_1400x800.png?w=1080&amp;h=617&amp;q=50&amp;fm=webp 1080w, https:\/\/images.ctfassets.net\/5natoedl294r\/2XKc995qQTZlCqKYLHTYNH\/69d9f141fb2bf66367fa96df693b2cac\/Network_Access_Control__best_practices_web_1400x800.png?w=1366&amp;h=781&amp;q=50&amp;fm=webp 1366w, https:\/\/images.ctfassets.net\/5natoedl294r\/2XKc995qQTZlCqKYLHTYNH\/69d9f141fb2bf66367fa96df693b2cac\/Network_Access_Control__best_practices_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp 1400w\" sizes=\"100vw\"\/><img title=\"Network Access Control best practices web 1400x800\" width=\"1\" height=\"0.5714285714285714\" data-main-image=\"\" style=\"object-fit:cover;opacity:0\" sizes=\"auto, 100vw\" decoding=\"async\" loading=\"lazy\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/2XKc995qQTZlCqKYLHTYNH\/69d9f141fb2bf66367fa96df693b2cac\/Network_Access_Control__best_practices_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=png\" srcset=\"https:\/\/images.ctfassets.net\/5natoedl294r\/2XKc995qQTZlCqKYLHTYNH\/69d9f141fb2bf66367fa96df693b2cac\/Network_Access_Control__best_practices_web_1400x800.png?w=750&amp;h=429&amp;q=50&amp;fm=png 750w, https:\/\/images.ctfassets.net\/5natoedl294r\/2XKc995qQTZlCqKYLHTYNH\/69d9f141fb2bf66367fa96df693b2cac\/Network_Access_Control__best_practices_web_1400x800.png?w=1080&amp;h=617&amp;q=50&amp;fm=png 1080w, https:\/\/images.ctfassets.net\/5natoedl294r\/2XKc995qQTZlCqKYLHTYNH\/69d9f141fb2bf66367fa96df693b2cac\/Network_Access_Control__best_practices_web_1400x800.png?w=1366&amp;h=781&amp;q=50&amp;fm=png 1366w, https:\/\/images.ctfassets.net\/5natoedl294r\/2XKc995qQTZlCqKYLHTYNH\/69d9f141fb2bf66367fa96df693b2cac\/Network_Access_Control__best_practices_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=png 1400w\" alt=\"Network Access Control best practices web 1400x800\"\/><\/picture><\/noscript><\/p><\/div><div class=\"MuiBox-root jss32 jss27\"><p><span class=\"MuiTypography-root jss24 MuiTypography-caption MuiTypography-colorTextSecondary\" data-testid=\"text\">In Depth<\/span><\/p><p class=\"MuiTypography-root jss25 jss6 MuiTypography-body1 MuiTypography-colorTextPrimary\" data-testid=\"text\">6 Network Access Control best practices<\/p><p><span class=\"MuiTypography-root jss29 MuiTypography-caption MuiTypography-colorTextSecondary\" data-testid=\"text\">29 Dec 2022<span class=\"MuiTypography-root jss28 MuiTypography-body2\" data-testid=\"text\">\u2022<\/span>13 min read<\/span><\/p><\/div><p>\u00a0<\/p><div class=\"gatsby-image-wrapper jss26\" data-gatsby-image-wrapper=\"\"><div style=\"padding-top: 57.14285714285714%;\" aria-hidden=\"true\">\u00a0<\/div><div style=\"opacity: 0; transition: opacity 500ms linear 0s; object-fit: cover;\" aria-hidden=\"true\" data-placeholder-image=\"\">\u00a0<\/div><p><picture><source srcset=\"https:\/\/images.ctfassets.net\/5natoedl294r\/3vIelfDwQYiV0B73DFY0UE\/0d1b0382f314c0e2c57ec2bf21c50e4b\/SaaS_Security_Best_Practices_web_1400x800.png?w=750&amp;h=429&amp;q=50&amp;fm=webp 750w, https:\/\/images.ctfassets.net\/5natoedl294r\/3vIelfDwQYiV0B73DFY0UE\/0d1b0382f314c0e2c57ec2bf21c50e4b\/SaaS_Security_Best_Practices_web_1400x800.png?w=1080&amp;h=617&amp;q=50&amp;fm=webp 1080w, https:\/\/images.ctfassets.net\/5natoedl294r\/3vIelfDwQYiV0B73DFY0UE\/0d1b0382f314c0e2c57ec2bf21c50e4b\/SaaS_Security_Best_Practices_web_1400x800.png?w=1366&amp;h=781&amp;q=50&amp;fm=webp 1366w, https:\/\/images.ctfassets.net\/5natoedl294r\/3vIelfDwQYiV0B73DFY0UE\/0d1b0382f314c0e2c57ec2bf21c50e4b\/SaaS_Security_Best_Practices_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp 1400w\" type=\"image\/webp\" sizes=\"100vw\" \/><img decoding=\"async\" style=\"object-fit: cover; opacity: 1;\" title=\"SaaS Security Best Practices\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/3vIelfDwQYiV0B73DFY0UE\/0d1b0382f314c0e2c57ec2bf21c50e4b\/SaaS_Security_Best_Practices_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=png\" sizes=\"100vw\" srcset=\"https:\/\/images.ctfassets.net\/5natoedl294r\/3vIelfDwQYiV0B73DFY0UE\/0d1b0382f314c0e2c57ec2bf21c50e4b\/SaaS_Security_Best_Practices_web_1400x800.png?w=750&amp;h=429&amp;q=50&amp;fm=png 750w, https:\/\/images.ctfassets.net\/5natoedl294r\/3vIelfDwQYiV0B73DFY0UE\/0d1b0382f314c0e2c57ec2bf21c50e4b\/SaaS_Security_Best_Practices_web_1400x800.png?w=1080&amp;h=617&amp;q=50&amp;fm=png 1080w, https:\/\/images.ctfassets.net\/5natoedl294r\/3vIelfDwQYiV0B73DFY0UE\/0d1b0382f314c0e2c57ec2bf21c50e4b\/SaaS_Security_Best_Practices_web_1400x800.png?w=1366&amp;h=781&amp;q=50&amp;fm=png 1366w, https:\/\/images.ctfassets.net\/5natoedl294r\/3vIelfDwQYiV0B73DFY0UE\/0d1b0382f314c0e2c57ec2bf21c50e4b\/SaaS_Security_Best_Practices_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=png 1400w\" alt=\"SaaS Security Best Practices\" width=\"1\" height=\"0.5714285714285714\" data-main-image=\"\" \/><\/picture><noscript><picture><source type=\"image\/webp\" srcset=\"https:\/\/images.ctfassets.net\/5natoedl294r\/3vIelfDwQYiV0B73DFY0UE\/0d1b0382f314c0e2c57ec2bf21c50e4b\/SaaS_Security_Best_Practices_web_1400x800.png?w=750&amp;h=429&amp;q=50&amp;fm=webp 750w, https:\/\/images.ctfassets.net\/5natoedl294r\/3vIelfDwQYiV0B73DFY0UE\/0d1b0382f314c0e2c57ec2bf21c50e4b\/SaaS_Security_Best_Practices_web_1400x800.png?w=1080&amp;h=617&amp;q=50&amp;fm=webp 1080w, https:\/\/images.ctfassets.net\/5natoedl294r\/3vIelfDwQYiV0B73DFY0UE\/0d1b0382f314c0e2c57ec2bf21c50e4b\/SaaS_Security_Best_Practices_web_1400x800.png?w=1366&amp;h=781&amp;q=50&amp;fm=webp 1366w, https:\/\/images.ctfassets.net\/5natoedl294r\/3vIelfDwQYiV0B73DFY0UE\/0d1b0382f314c0e2c57ec2bf21c50e4b\/SaaS_Security_Best_Practices_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp 1400w\" sizes=\"100vw\"\/><img title=\"SaaS Security Best Practices\" width=\"1\" height=\"0.5714285714285714\" data-main-image=\"\" style=\"object-fit:cover;opacity:0\" sizes=\"auto, 100vw\" decoding=\"async\" loading=\"lazy\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/3vIelfDwQYiV0B73DFY0UE\/0d1b0382f314c0e2c57ec2bf21c50e4b\/SaaS_Security_Best_Practices_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=png\" srcset=\"https:\/\/images.ctfassets.net\/5natoedl294r\/3vIelfDwQYiV0B73DFY0UE\/0d1b0382f314c0e2c57ec2bf21c50e4b\/SaaS_Security_Best_Practices_web_1400x800.png?w=750&amp;h=429&amp;q=50&amp;fm=png 750w, https:\/\/images.ctfassets.net\/5natoedl294r\/3vIelfDwQYiV0B73DFY0UE\/0d1b0382f314c0e2c57ec2bf21c50e4b\/SaaS_Security_Best_Practices_web_1400x800.png?w=1080&amp;h=617&amp;q=50&amp;fm=png 1080w, https:\/\/images.ctfassets.net\/5natoedl294r\/3vIelfDwQYiV0B73DFY0UE\/0d1b0382f314c0e2c57ec2bf21c50e4b\/SaaS_Security_Best_Practices_web_1400x800.png?w=1366&amp;h=781&amp;q=50&amp;fm=png 1366w, https:\/\/images.ctfassets.net\/5natoedl294r\/3vIelfDwQYiV0B73DFY0UE\/0d1b0382f314c0e2c57ec2bf21c50e4b\/SaaS_Security_Best_Practices_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=png 1400w\" alt=\"SaaS Security Best Practices\"\/><\/picture><\/noscript><\/p><\/div><div class=\"MuiBox-root jss33 jss27\"><p><span class=\"MuiTypography-root jss24 MuiTypography-caption MuiTypography-colorTextSecondary\" data-testid=\"text\">In Depth<\/span><\/p><p class=\"MuiTypography-root jss25 jss6 MuiTypography-body1 MuiTypography-colorTextPrimary\" data-testid=\"text\">SaaS Security 101: The Definitive Guide<\/p><p><span class=\"MuiTypography-root jss29 MuiTypography-caption MuiTypography-colorTextSecondary\" data-testid=\"text\">10 May 2022<span class=\"MuiTypography-root jss28 MuiTypography-body2\" data-testid=\"text\">\u2022<\/span>9 min read<\/span><\/p><\/div><p>\u00a0<\/p><\/div><\/div><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>The Hanna Andersson settlement shows that data security is a critical vulnerability<\/strong> and could happen to any Salesforce user. So let\u2019s dig deeper into the Salesforce data security model to explain how secure the platform is and what companies can do to protect their data.<\/p><h2 id=\"the-salesforce-data-security-model\" class=\"Heading Heading-h2 text-dark-blue\">The Salesforce data security model<\/h2><p class=\"my-4 blog-paragraph text-still-dark-blue\">Since the 2019 Salesforce data breach, the platform has tightened up its native security features.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Data at rest on Salesforce is encrypted, concealing it from outsiders. Logging systems allow users to track weaknesses and handle alerts. MFA adds strength to authentication processes. And users can even create bespoke protection for data analysis with the Data Mask feature.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">However, one set of controls in the data security field is all-important.<strong> Permission sets enable Salesforce users to manage data access. <\/strong>Users can use permission sets to ensure that only authorized users can access data. Everyone else is blocked by default \u2013 until they are granted necessary privileges.<\/p><p><img decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/6ayGupUXuOPzup8ttf7zwg\/88ddeab96cde6fd8517ebfc8864e7d16\/Data_security_in_Salesforce_table_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp\" width=\"1400\" height=\"800\" \/><\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">There are four Salesforce permission sets. Each one plays a role in locking down confidential customer information:<\/p><ul class=\"list\"><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Organization level<\/strong> \u2013 At the organization level, users can manage access for all users in their enterprise. Multi-factor authentication factors make Salesforce portals more secure. Connection limits, location tracking, and IP range screening exclude malicious actors.<\/p><\/li><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Object level <\/strong>\u2013 Organizations can limit access to Salesforce databases and apps. Object level controls allow administrators to set aside portions of the Salesforce environment and create restricted zones with limited access.<\/p><\/li><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Record level<\/strong> \u2013 Security teams can create permission sets for specific records. Marketing teams may need access to information about customer purchases. But financial data can be locked away. Admins can set objects to read-only or allocate editing privileges for certain users.<\/p><\/li><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Field level <\/strong>\u2013 At the field level, users can restrict how users interact with database fields. This provides tight control over how data is used. Many employees may have object access to CRM data. Only a tiny number will have field level access to edit and export the most sensitive data.<\/p><\/li><\/ul><h2 id=\"salesforce-security-issues\" class=\"Heading Heading-h2 text-dark-blue\">Salesforce security issues<\/h2><p class=\"my-4 blog-paragraph text-still-dark-blue\">Applying access controls is critical, but users must also be aware of<strong> Salesforce security vulnerabilities.<\/strong> Be sure to factor in these issues when planning your security strategy.<\/p><h3 class=\"Heading Heading-h3 text-dark-blue\">1. Inadequate data classification<\/h3><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Before you can protect confidential data, you need to understand the data you hold. <\/strong>Companies need to classify every record according to its value and vulnerability. When you have that information, you can start creating field level controls and setting permissions.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Review your databases and assign risk levels to the information they contain. Use regulations as a framework. For instance, the CCPA mandates robust protection of customer financial records. HIPAA requires tight control of any patient data.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Classification matters because it isn\u2019t always practical to secure all customer data. Unclassified data generates noise and confusion. Security teams are presented with false positives and waste time on securing low-value data.<\/p><h3 class=\"Heading Heading-h3 text-dark-blue\">2. Confusing data ownership<\/h3><p class=\"my-4 blog-paragraph text-still-dark-blue\">Who is responsible for securing your Salesforce CRM system? Many companies cannot answer this question and rely on multiple stakeholders to secure customer data.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Data ownership should be clear and communicated to all Salesforce users<\/strong>. Assign an individual or team to manage data security. They should ensure compliance with relevant regulations, apply native Salesforce controls, and integrate enterprise-wide security systems with the CRM system.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Take advantage of Salesforce\u2019s training materials. The platform offers courses in identity and access management (IAM). With this information, your security manager can master Salesforce permission sets and protect critical databases.<\/p><h3 class=\"Heading Heading-h3 text-dark-blue\">3. Poor Salesforce security awareness<\/h3><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Knowledge about Salesforce security should extend beyond the data security lead<\/strong>. Every CRM user must know security policies and the importance of protecting against phishing attacks.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Remember the Hanna Andersson case. A single Salesforce cyber attack can compromise huge data sets. Poor training and a shallow security culture can have huge implications.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Extended awareness matters because Salesforce is highly customizable<\/strong>. Employees can easily misconfigure communities in the Experience Cloud. And teams can add Salesforce services without IT teams knowing.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Both actions expand the threat surface, potentially compromising a Salesforce environment. Avoid them by educating Salesforce users and creating policies that explain how to use the platform safely.<\/p><h3 class=\"Heading Heading-h3 text-dark-blue\">4. Not understanding how shared responsibility works<\/h3><p class=\"my-4 blog-paragraph text-still-dark-blue\">As with all cloud-based products,<strong> security responsibility is shared between Salesforce and service users<\/strong>. Unfortunately, this is something that users easily forget.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Users may assume that Salesforce protects data, but this is partially correct. Salesforce does encrypt data and guards against malware infection. <strong>Clients are responsible for ensuring secure access and object configurations.<\/strong><\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Companies using Salesforce can over-provision employees, giving them too much access to sensitive data. They might allow wide third-party access to databases, even down to field level. Marketing teams could create vulnerabilities as they customize their Salesforce solution.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Be aware of your responsibilities under the shared responsibility model. If not, data breaches will probably be due to your own negligence.<\/p><h2 id=\"why-do-you-need-additional-security-in-salesforce\" class=\"Heading Heading-h2 text-dark-blue\">Why do you need additional security in SalesForce?<\/h2><p class=\"my-4 blog-paragraph text-still-dark-blue\">Native security features provided by Salesforce are powerful but insufficient to achieve data security. Companies need to combine internal controls like Salesforce data encryption with external security solutions.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>The 2019 data breach demonstrates why external security is so important.<\/strong> Salesforce and Hanna Andersson did not know about the malware infection. Security teams had no idea that gigabytes of user data had been stolen.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">While the single data breach cost both companies plenty of money, the cost could have been higher without the actions of law enforcement professionals.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">The initial malware infection involved a \u2018magecart\u2019 attack that skimmed customer data from the retailer\u2019s payment portal. This agent probably arrived via a phishing attack on a Hanna Andersson employee. None of Salesforce\u2019s internal controls could prevent it, but external security solutions could help.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">SIEM tools to scan attachments and quarantine suspicious links can stop phishers in their tracks. IP allowlisting screens devices and permits access for approved IP addresses. VPNs encrypt company networks and conceal credentials from external observers.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Salesforce allows in-depth access management and security logging. But when fine-tuning their CRM security,<strong> companies should supplement native features with additional measures.<\/strong><\/p><h2 id=\"how-can-nordlayer-help-with-salesforce-security\" class=\"Heading Heading-h2 text-dark-blue\">How can NordLayer help with Salesforce security?<\/h2><p class=\"my-4 blog-paragraph text-still-dark-blue\">Salesforce makes CRM simple, allowing eCommerce businesses to thrive. But recent data breaches have shown that the cloud-based platform has some critical cybersecurity vulnerabilities.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">NordLayer\u2019s tools supplement native Salesforce security and make it easier to achieve regulatory compliance.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Our cloud security solutions include access management tools and Single Sign On that bridge company networks and cloud portals.\u00a0<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">IP allowlisting is another core NordLayer feature. Allowlisting lets you set approved IP addresses and block everything else. This makes it safer to admit remote workers to your Salesforce environment. It also means that credential theft does not automatically provide access to your data. Attackers without approved IP addresses will still remain outside the perimeter, unable to steal customer information.\u00a0<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Discover how to create a rock-solid Salesforce security posture. <a class=\"hyperlink Link Link--blue-dodger font-medium\" href=\"\/en\/contact-sales\/\">Get in touch with our team<\/a> and discuss your options today.<\/p><\/article>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2004c86 elementor-widget elementor-widget-shortcode\" data-id=\"2004c86\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"shortcode.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-shortcode\">\t\t<div data-elementor-type=\"page\" data-elementor-id=\"18103\" class=\"elementor elementor-18103\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-748947f elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"748947f\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7995c19\" data-id=\"7995c19\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-a437045 elementor-widget elementor-widget-image-box\" data-id=\"a437045\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image-box.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-image-box-wrapper\"><div class=\"elementor-image-box-content\"><h3 class=\"elementor-image-box-title\">About Version 2 Digital<\/h3><p class=\"elementor-image-box-description\">Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.\n<br><br>\nThrough an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.<\/p><\/div><\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t\n\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"64131\" class=\"elementor elementor-64131\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-35fe5dd post-content elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"35fe5dd\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;cef08c3&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-409a2e9a\" data-id=\"409a2e9a\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-5a8be8f elementor-widget elementor-widget-text-editor\" data-id=\"5a8be8f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><img decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/s1.npass.app\/nordpass\/media\/1.1728.0\/images\/web\/blog\/svg\/business-continuity-plan-800x450.svg\" width=\"800\" height=\"450\" \/><\/p><div class=\"Post__content mx-auto container--m\"><div><div><p class=\"leading-loose text-lead my-3 font-medium\">These days, cybercrime is rampant. It&#8217;s no longer a matter of \u201cif\u201d you&#8217;re going to suffer an attack but \u201cwhen\u201d it will happen. All companies want to be ready for any crisis. And this is where a business continuity plan comes into play.<\/p><p class=\"leading-loose text-lead my-3 font-medium\">But what is a business continuity plan exactly? Why is it important? What should one include? Today, we&#8217;re exploring all these questions in-depth.<\/p><h2 id=\"what-is-a-business-continuity-plan\" class=\"text-h5 font-bold mb-6 mt-12 leading-normal\" style=\"line-height: 1.2;\">What is a business continuity plan?<\/h2><p class=\"leading-loose text-base my-3\">A business continuity plan (BCP) is a document that sets guidelines for how an organization will continue its operations in the event of a disruption, whether it&#8217;s a fire, flood, other natural disaster or a cybersecurity incident. A BCP aims to help organizations resume operations without significant downtime.<\/p><p class=\"leading-loose text-base my-3\">Unfortunately, according to a 2020 <a class=\"nord-link cursor-pointer outline-none transition-colors duration-250 ease-out text-teal hover:text-teal-dark\" href=\"https:\/\/www.mercer.com\/content\/dam\/mercer\/attachments\/global\/gl-2020-mercer-covid-19-global-survey-coronavirus-impact-to-global-market.pdf\" target=\"_blank\" rel=\"noopener noreferrer\">Mercer survey<\/a>, 51% of businesses across the globe don&#8217;t have a business continuity plan in place.<\/p><h2 id=\"whats-the-difference-between-business-continuity-and-disaster-recovery-plans\" class=\"text-h5 font-bold mb-6 mt-12 leading-normal\" style=\"line-height: 1.2;\">What&#8217;s the difference between business continuity and disaster recovery plans?<\/h2><p class=\"leading-loose text-base my-3\">We often confuse the terms business continuity plan and disaster recovery plan. The two overlap and often work together, but the disaster recovery plan focuses on containing, examining, and restoring operations after a cyber incident. On the other hand, BCP is a broader concept that considers the whole organization. A business continuity plan helps organizations stay prepared for dealing with a potential crisis and usually encompasses a disaster recovery plan.<\/p><h2 id=\"importance-of-business-continuity-planning\" class=\"text-h5 font-bold mb-6 mt-12 leading-normal\" style=\"line-height: 1.2;\">Importance of business continuity planning<\/h2><p class=\"leading-loose text-base my-3\">The number of news headlines announcing data breaches has numbed us to the fact that cybercrime is very real and frequent and poses an existential risk to companies of all sizes and industries.<\/p><p class=\"leading-loose text-base my-3\">Consider that in 2021, approximately <a class=\"nord-link cursor-pointer outline-none transition-colors duration-250 ease-out text-teal hover:text-teal-dark\" href=\"https:\/\/www.forbes.com\/sites\/chuckbrooks\/2022\/06\/03\/alarming-cyber-statistics-for-mid-year-2022-that-you-need-to-know\/?sh=7e691ccf7864\" target=\"_blank\" rel=\"noopener noreferrer\">37% of global organizations<\/a> fell victim to a ransomware attack. Then consider that business interruption and restoration costs account for <a class=\"nord-link cursor-pointer outline-none transition-colors duration-250 ease-out text-teal hover:text-teal-dark\" href=\"https:\/\/www.allianz.com\/en\/press\/news\/studies\/211013_Allianz-AGCS-Ransomware-Trends-Risks-and-Resilience.html#:~:text=Business%20interruption%20and%20restoration%20costs,involved%20in%20over%20six%20years\" target=\"_blank\" rel=\"noopener noreferrer\">50% of cyberattack-related losses<\/a>. Finally, take into account that most cyberattacks are financially motivated and the global cost of cybercrime topped <a class=\"nord-link cursor-pointer outline-none transition-colors duration-250 ease-out text-teal hover:text-teal-dark\" href=\"https:\/\/techxplore.com\/news\/2022-05-global-cybercrime-topped-trillion-defence.html\" target=\"_blank\" rel=\"noopener noreferrer\">$6 trillion last year<\/a>. The picture is quite clear \u2014 cybercrime is a lucrative venture for bad actors and potentially disastrous for those on the receiving end.<\/p><p class=\"leading-loose text-base my-3\">To thrive in these unpredictable times, organizations go beyond conventional security measures. Many companies develop a business continuity plan parallel to secure infrastructure and consider the plan a critical part of the security ecosystem. The Purpose of a business continuity plan is to significantly reduce the downtime in an emergency and, in turn, reduce the potential reputational damage and \u2014 of course \u2014 revenue losses.<\/p><h2 id=\"business-continuity-plan-template\" class=\"text-h5 font-bold mb-6 mt-12 leading-normal\" style=\"line-height: 1.2;\">Business continuity plan template<\/h2><div class=\"BlogBannerV2 py-8 md:py-10 lg:py-12 mt-8 md:mt-10 lg:mt-12 relative flex flex-col text-center font-medium overflow-hidden BlogBannerV2--default bg-blue-darkest\"><h2 class=\"nord-text text-h3 leading-normal font-medium tracking-tight inline-block font-bold mx-6 md:mx-21 z-1 text-white\" style=\"line-height: 1.2;\">Password security for your business<\/h2><p class=\"nord-text text-base leading-normal text-black mt-4 lg:mt-6 z-1 text-white\">Store, manage and share passwords.<\/p><div class=\"z-1\"><a class=\"nord-button focus:outline-none font-medium align-bottom rounded-1 select-none transition-colors ease-out duration-250 cursor-pointer nord-button--medium border text-white nord-button--v-contained nord-button--c-teal bg-teal border-teal font-medium inline-block Button__rounded mt-4 lg:mt-6 py-3 px-4 lg:px-6 whitespace-no-wrap\" href=\"\/en\/business-password-manager\/\">Get NordPass Business<\/a><\/div><p class=\"nord-text text-micro leading-normal text-black mt-3 z-1 text-white\">30-day money-back guarantee<\/p><\/div><h4 id=\"business-continuity-plan-example\" class=\"text-h6 font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">Business Continuity Plan Example<\/h4><p class=\"leading-loose text-base my-3\">[Company Name]<\/p><p class=\"leading-loose text-base my-3\">[Date]<\/p><h4 id=\"i-introduction\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">I. Introduction<\/h4><ul class=\"leading-loose mt-3 mb-6 list--ul\"><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Purpose of the Plan<\/p><\/li><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Scope of the Plan<\/p><\/li><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Budget<\/p><\/li><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Timeline<\/p><\/li><\/ul><p class=\"leading-loose text-base my-3\">The initial stage of developing a business continuity plan starts with a statement of the plan&#8217;s purpose, which explains the main objective of the plan, such as ensuring the organization&#8217;s ability to continue its operations during and after a disruptive event.<\/p><p class=\"leading-loose text-base my-3\">The Scope of the Plan outlines the areas or functions that the plan will cover, including business processes, personnel, equipment, and technology.<\/p><p class=\"leading-loose text-base my-3\">The Budget specifies the estimated financial resources required to implement and maintain the BCP. It includes costs related to technology, personnel, equipment, training, and other necessary expenses.<\/p><p class=\"leading-loose text-base my-3\">The Timeline provides a detailed schedule for developing, implementing, testing, and updating the BCP.<\/p><h4 id=\"ii-risk-assessment\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">II. Risk Assessment<\/h4><ul class=\"leading-loose mt-3 mb-6 list--ul\"><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Identification of Risks<\/p><\/li><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Prioritization of Risks<\/p><\/li><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Mitigation Strategies<\/p><\/li><\/ul><p class=\"leading-loose text-base my-3\">The Risk Assessment section of a Business Continuity Plan (BCP) is an essential part of the plan that identifies potential risks that could disrupt an organization&#8217;s critical functions.<\/p><p class=\"leading-loose text-base my-3\">The Identification of Risks involves identifying potential threats to the organization, such cybersecurity breaches, supply chain disruptions, power outages, and other potential risks. This step is critical to understand the risks and their potential impact on the organization.<\/p><p class=\"leading-loose text-base my-3\">Once the risks have been identified, the Prioritization of Risks follows, which helps determine which risks require the most attention and resources.<\/p><p class=\"leading-loose text-base my-3\">The final step in the Risk Assessment section is developing Mitigation Strategies to minimize the impact of identified risks. Mitigation strategies may include preventative measures, such as system redundancies, data backups, cybersecurity measures, as well as response and recovery measures, such as emergency protocols and employee training.<\/p><h4 id=\"iii-emergency-response\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">III. Emergency Response<\/h4><ul class=\"leading-loose mt-3 mb-6 list--ul\"><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Emergency Response Team<\/p><\/li><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Communication Plan<\/p><\/li><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Emergency Procedures<\/p><\/li><\/ul><p class=\"leading-loose text-base my-3\">This section of the plan focuses on immediate actions that should be taken to ensure the safety and well-being of employees and minimize the impact of the event on the organization&#8217;s operations.<\/p><p class=\"leading-loose text-base my-3\">The Emergency Response Team is responsible for managing the response to an emergency or disaster situation. This team should be composed of individuals who are trained in emergency response procedures and can act quickly and decisively during an emergency. The team should also include a designated leader who is responsible for coordinating the emergency response efforts.<\/p><p class=\"leading-loose text-base my-3\">The Communication Plan outlines how information will be disseminated during an emergency situation. It includes contact information for employees, stakeholders, and emergency response personnel, as well as protocols for communicating with these individuals.<\/p><p class=\"leading-loose text-base my-3\">The Emergency Procedures detail the steps that should be taken during an emergency or disaster situation. The emergency procedures should be developed based on the potential risks identified in the Risk Assessment section and should be tested regularly to ensure that they are effective.<\/p><h4 id=\"iv-business-impact-analysis\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">IV. Business Impact Analysis<\/h4><p class=\"leading-loose text-base my-3\">The Business Impact Analysis (BIA) section of a Business Continuity Plan (BCP) is a critical step in identifying the potential impact of a disruption to an organization&#8217;s critical operations.<\/p><p class=\"leading-loose text-base my-3\">The Business Impact Analysis is typically conducted by a team of individuals who understand the organization&#8217;s critical functions and can assess the potential impact of a disruption to those functions. The team may include representatives from various departments, including finance, operations, IT, and human resources.<\/p><h4 id=\"v-recovery-and-restoration\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">V. Recovery and Restoration<\/h4><ul class=\"leading-loose mt-3 mb-6 list--ul\"><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Procedures for recovery and restoration of critical processes<\/p><\/li><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Prioritization of recovery efforts<\/p><\/li><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Establishment of recovery time objectives<\/p><\/li><\/ul><p class=\"leading-loose text-base my-3\">The Recovery and Restoration section of a Business Continuity Plan (BCP) outlines the procedures for recovering and restoring critical processes and functions following a disruption.<\/p><p class=\"leading-loose text-base my-3\">The Procedures for recovery and restoration of critical processes describe the steps required to restore critical processes and functions following a disruption. This may include steps such as relocating to alternate facilities, restoring data and systems, and re-establishing key business relationships.<\/p><p class=\"leading-loose text-base my-3\">The Prioritization section of the plan identifies the order in which critical processes will be restored, based on their importance to the organization&#8217;s operations and overall mission.<\/p><p class=\"leading-loose text-base my-3\">Recovery time objectives (RTOs) define the maximum amount of time that critical processes and functions can be unavailable following a disruption. Establishing RTOs ensures that recovery efforts are focused on restoring critical functions within a specific timeframe.<\/p><h4 id=\"vi-plan-activation\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">VI. Plan Activation<\/h4><ul class=\"leading-loose mt-3 mb-6 list--ul\"><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Plan Activation Procedures<\/p><\/li><\/ul><p class=\"leading-loose text-base my-3\">The Plan Activation section is critical in ensuring that an organization can quickly and effectively activate the plan and respond to a potential emergency.<\/p><p class=\"leading-loose text-base my-3\">The Plan Activation Procedures describe the steps required to activate the BCP in response to a disruption. The procedures should be clear and concise, with specific instructions for each step to ensure a prompt and effective response.<\/p><h4 id=\"vii-testing-and-maintenance\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">VII. Testing and Maintenance<\/h4><ul class=\"leading-loose mt-3 mb-6 list--ul\"><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Testing Procedures<\/p><\/li><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Maintenance Procedures<\/p><\/li><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Review and Update Procedures<\/p><\/li><\/ul><p class=\"leading-loose text-base my-3\">This section of the plan is critical to ensure that an organization can effectively respond to disruptions and quickly resume its essential functions.<\/p><p class=\"leading-loose text-base my-3\">Testing procedures may include scenarios such as natural disasters, cyber-attacks, and other potential risks. The testing procedures should include clear objectives, testing scenarios, roles and responsibilities, and evaluation criteria to assess the effectiveness of the plan.<\/p><p class=\"leading-loose text-base my-3\">The Maintenance Procedures detail the steps necessary to keep the BCP up-to-date and relevant.<\/p><p class=\"leading-loose text-base my-3\">The Review and Update Procedures describe how the BCP will be reviewed and updated regularly to ensure its continued effectiveness. This may involve conducting a review of the plan on a regular basis or after significant changes to the organization&#8217;s operations or threats.<\/p><h2 id=\"what-should-a-business-continuity-plan-checklist-include\" class=\"text-h5 font-bold mb-6 mt-12 leading-normal\" style=\"line-height: 1.2;\">What should a business continuity plan checklist include?<\/h2><p class=\"leading-loose text-base my-3\">Organizations looking to develop a BCP have more than a few things to think through and consider. Variables such as the size of the organization, its IT infrastructure, personnel, and resources all play a significant role in developing a continuity plan. Remember, each crisis is different, and each organization will have a view on handling it according to all the variables in play. However, all business continuity plans will include a few elements in one way or another.<\/p><ul class=\"leading-loose mt-3 mb-6 list--ul\"><li class=\"my-2\"><h4 id=\"clearly-defined-areas-of-responsibility\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">Clearly defined areas of responsibility<\/h4><p class=\"leading-loose text-base my-3\">A BCP should define specific roles and responsibilities for cases of emergency. Detail who is responsible for what tasks and clarify what course of action a person in a specific position should take. Clearly defined roles and responsibilities in an emergency event allow you to act quickly and decisively and minimize potential damage.<\/p><\/li><li class=\"my-2\"><h4 id=\"crisis-communication-plan\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">Crisis communication plan<\/h4><p class=\"leading-loose text-base my-3\">In an emergency, communication is vital. It is the determining factor when it comes to crisis handling. For communication to be effective, it is critical to establish clear communication pipelines. Furthermore, it is crucial to understand that alternative communication channels should not be overlooked and outlined in a business continuity plan.<\/p><\/li><li class=\"my-2\"><h4 id=\"recovery-teams\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">Recovery teams<\/h4><p class=\"leading-loose text-base my-3\">A recovery team is a collective of different professionals who ensure that business operations are restored as soon as possible after the organization confronts a crisis.<\/p><\/li><li class=\"my-2\"><h4 id=\"alternative-site-of-operations\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">Alternative site of operations<\/h4><p class=\"leading-loose text-base my-3\">Today, when we think of an incident in a business environment, we usually think of something related to cybersecurity. However, as discussed earlier, a BCP covers many possible disasters. In a natural disaster, determine potential alternate sites where the company could continue to operate.<\/p><\/li><li class=\"my-2\"><h4 id=\"backup-power-and-data-backups\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">Backup power and data backups<\/h4><p class=\"leading-loose text-base my-3\">Whether a cyber event or a real-life physical event, ensuring that you have access to power is crucial if you wish to continue operations. In a BCP, you can often come across lists of alternative power sources such as generators, where such tools are located, and who should oversee them. The same applies to data. Regularly scheduled data backups can significantly reduce potential losses incurred by a crisis event.<\/p><\/li><li class=\"my-2\"><h4 id=\"recovery-guidelines\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">Recovery guidelines<\/h4><p class=\"leading-loose text-base my-3\">If a crisis is significant, a comprehensive business continuity plan usually includes detailed guidelines on how the recovery process will be carried out.<\/p><\/li><\/ul><h2 id=\"business-continuity-planning-steps\" class=\"text-h5 font-bold mb-6 mt-12 leading-normal\" style=\"line-height: 1.2;\">Business continuity planning steps<\/h2><figure class=\"my-12\"><div class=\"mx-auto\" style=\"max-width: 746px; max-height: 320px;\"><div class=\"nord-intrinsic relative w-full h-0 bg-transparent\" style=\"padding-top: 42.8954%;\"><picture class=\"nord-picture\"><source srcset=\"https:\/\/s1.npass.app\/nordpass\/media\/1.1728.0\/images\/web\/blog\/svg\/business-continuity-plan-steps-746x320.svg\" \/><img decoding=\"async\" class=\"nord-image nord-image--responsive\" src=\"data:image\/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==\" alt=\"business continuity plan steps\" \/><\/picture><\/div><\/div><\/figure><p class=\"leading-loose text-base my-3\">Here are some general guidelines that an organization looking to develop a BCP should consider:<\/p><h3 id=\"analysis\" class=\"text-h6 font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">Analysis<\/h3><p class=\"leading-loose text-base my-3\">A business continuity plan should include an in-depth analysis of everything that could negatively affect the overall organizational infrastructure and operations. Assessing different levels of risk should also be a part of the analysis phase.<\/p><h3 id=\"design-and-development\" class=\"text-h6 font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">Design and development<\/h3><p class=\"leading-loose text-base my-3\">Once you have a clear overview of potential risks your company could face, start developing a plan. Create a draft and reassess it to see if it takes into account even the smallest of details.<\/p><h3 id=\"implementation\" class=\"text-h6 font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">Implementation<\/h3><p class=\"leading-loose text-base my-3\">Implement BCP within the organization by providing training sessions for the staff to get familiar with the plan. Getting everyone on the same page regarding crisis management is critical.<\/p><h3 id=\"testing\" class=\"text-h6 font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">Testing<\/h3><p class=\"leading-loose text-base my-3\">Rigorously test the plan. Play out a variety of scenarios in training sessions to learn the overall effectiveness of the continuity plan. By doing so, everyone on the team will be closely familiar with the business continuity plan&#8217;s guidelines.<\/p><h3 id=\"maintenance-and-updating\" class=\"text-h6 font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">Maintenance and updating<\/h3><p class=\"leading-loose text-base my-3\">Because the threat landscape constantly changes and evolves, you should regularly reassess your BCP and take steps to update it. By making your continuity plan in tune with the times, you will be able to stay a step ahead of a crisis.<\/p><h2 id=\"level-up-your-companys-security-with-nordpass-business\" class=\"text-h5 font-bold mb-6 mt-12 leading-normal\" style=\"line-height: 1.2;\">Level up your company&#8217;s security with NordPass Business<\/h2><p class=\"leading-loose text-base my-3\">A comprehensive business continuity plan is vital for the entire organization&#8217;s security posture. However, in a perfect world, you wouldn&#8217;t have to use it. This is where NordPass Business can help.<\/p><p class=\"leading-loose text-base my-3\">Remember, weak, reused, or compromised passwords are often cited as one of the top contributing factors in data breaches. It&#8217;s not surprising, considering that an average user has around 100 passwords. Password fatigue is real and significantly affects how people treat their credentials. NordPass Business counters these issues.<\/p><p class=\"leading-loose text-base my-3\">With <a class=\"nord-link cursor-pointer outline-none transition-colors duration-250 ease-out text-teal hover:text-teal-dark\" href=\"\/en\/business-password-manager\/\">NordPass Business<\/a>, your team will have a single secure place to store all work-related passwords, credit cards, and other sensitive information. Accessing all the data stored in NordPass is quick and easy, which allows your employees not to be distracted by the task of finding the correct passwords for the correct account.<\/p><p class=\"leading-loose text-base my-3\">In cyber incidents, NordPass Business ensures that company credentials remain secure at all times. Everything stored in the NordPass vault is secured with advanced encryption algorithms, which would take hundreds of years to brute force.<\/p><p class=\"leading-loose text-base my-3\">If you are interested in learning more about NordPass Business and how it can fortify corporate security, do not hesitate to <a class=\"nord-link cursor-pointer outline-none transition-colors duration-250 ease-out text-teal hover:text-teal-dark\" href=\"\/en\/business-password-manager\/request-demo\/\">book a demo<\/a> with our representative.<\/p><\/div><\/div><div class=\"Post__socials-sticky fixed left-0 lg:ml-6\" style=\"top: 50%; bottom: unset;\"><div class=\"flex lg:flex-col justify-center align-center\">\u00a0<\/div><\/div><\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2004c86 elementor-widget elementor-widget-shortcode\" data-id=\"2004c86\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"shortcode.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-shortcode\">\t\t<div data-elementor-type=\"page\" data-elementor-id=\"18103\" class=\"elementor elementor-18103\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-748947f elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"748947f\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7995c19\" data-id=\"7995c19\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-a437045 elementor-widget elementor-widget-image-box\" data-id=\"a437045\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image-box.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-image-box-wrapper\"><div class=\"elementor-image-box-content\"><h3 class=\"elementor-image-box-title\">About Version 2 Digital<\/h3><p class=\"elementor-image-box-description\">Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.\n<br><br>\nThrough an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.<\/p><\/div><\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t\n\t\t<div data-elementor-type=\"page\" data-elementor-id=\"63567\" class=\"elementor elementor-63567\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-45e3ec76 elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"45e3ec76\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-311e216d\" data-id=\"311e216d\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-3d9a2e6f elementor-widget elementor-widget-text-editor\" data-id=\"3d9a2e6f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><strong>About NordPass<br \/><\/strong>NordPass is developed by Nord Security, a company leading the global market of cybersecurity products.<\/p><p>The web has become a chaotic space where safety and trust have been compromised by cybercrime and data protection issues. Therefore, our team has a global mission to shape a more trusted and peaceful online future for people everywhere.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>","protected":false},"excerpt":{"rendered":"<p>Salesforce is a dominant player in the Customer Relatio [&hellip;]<\/p>","protected":false},"author":148637484,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1075,1130,973,61],"tags":[974,1076,1132],"class_list":["post-63587","post","type-post","status-publish","format-standard","hentry","category-year2023","category-nordlayer","category-nord-security","category-press-release","tag-nord-security","tag-1076","tag-nordlayer"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Salesforce data security: is native security enough? - Version 2<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/nordlayer.com\/blog\/salesforce-data-security\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Salesforce data security: is native security enough? - Version 2\" \/>\n<meta property=\"og:description\" content=\"Salesforce is a dominant player in the Customer Relatio [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/nordlayer.com\/blog\/salesforce-data-security\/\" \/>\n<meta property=\"og:site_name\" content=\"Version 2\" \/>\n<meta property=\"article:published_time\" content=\"2023-02-14T08:45:26+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-09-13T08:31:43+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/images.ctfassets.net\/5natoedl294r\/66HnS5W1ZeiiMJsup7Yhlo\/33e9d715f423e1e83f08e9e228074681\/Data_security_in_Salesforce_cover_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp\" \/>\n<meta name=\"author\" content=\"versionpan\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"versionpan\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/salesforce-data-security\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2023\\\/02\\\/salesforce-data-security-is-native-security-enough\\\/\"},\"author\":{\"name\":\"versionpan\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/103ffe36f7fd34a1cc126a30431b94d8\"},\"headline\":\"Salesforce data security: is native security enough?\",\"datePublished\":\"2023-02-14T08:45:26+00:00\",\"dateModified\":\"2024-09-13T08:31:43+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2023\\\/02\\\/salesforce-data-security-is-native-security-enough\\\/\"},\"wordCount\":1465,\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/salesforce-data-security\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/images.ctfassets.net\\\/5natoedl294r\\\/66HnS5W1ZeiiMJsup7Yhlo\\\/33e9d715f423e1e83f08e9e228074681\\\/Data_security_in_Salesforce_cover_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp\",\"keywords\":[\"Nord Security\",\"2023\",\"NordLayer\"],\"articleSection\":[\"2023\",\"NordLayer\",\"Nord Security\",\"Press Release\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/version-2.com\\\/2023\\\/02\\\/salesforce-data-security-is-native-security-enough\\\/\",\"url\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/salesforce-data-security\\\/\",\"name\":\"Salesforce data security: is native security enough? - Version 2\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/salesforce-data-security\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/salesforce-data-security\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/images.ctfassets.net\\\/5natoedl294r\\\/66HnS5W1ZeiiMJsup7Yhlo\\\/33e9d715f423e1e83f08e9e228074681\\\/Data_security_in_Salesforce_cover_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp\",\"datePublished\":\"2023-02-14T08:45:26+00:00\",\"dateModified\":\"2024-09-13T08:31:43+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/salesforce-data-security\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/nordlayer.com\\\/blog\\\/salesforce-data-security\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/salesforce-data-security\\\/#primaryimage\",\"url\":\"https:\\\/\\\/images.ctfassets.net\\\/5natoedl294r\\\/66HnS5W1ZeiiMJsup7Yhlo\\\/33e9d715f423e1e83f08e9e228074681\\\/Data_security_in_Salesforce_cover_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp\",\"contentUrl\":\"https:\\\/\\\/images.ctfassets.net\\\/5natoedl294r\\\/66HnS5W1ZeiiMJsup7Yhlo\\\/33e9d715f423e1e83f08e9e228074681\\\/Data_security_in_Salesforce_cover_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/salesforce-data-security\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9801\",\"item\":\"https:\\\/\\\/version-2.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Salesforce data security: is native security enough?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"name\":\"Version 2\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/version-2.com\\\/zh\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\",\"name\":\"Version 2\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"width\":1795,\"height\":335,\"caption\":\"Version 2\"},\"image\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/103ffe36f7fd34a1cc126a30431b94d8\",\"name\":\"versionpan\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/72541e15024f6716236decb252e7488d4a7359d4df6f8506b01f447174f92c7c?s=96&d=identicon&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/72541e15024f6716236decb252e7488d4a7359d4df6f8506b01f447174f92c7c?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/72541e15024f6716236decb252e7488d4a7359d4df6f8506b01f447174f92c7c?s=96&d=identicon&r=g\",\"caption\":\"versionpan\"},\"url\":\"https:\\\/\\\/version-2.com\\\/en\\\/author\\\/versionpan\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Salesforce data security: is native security enough? - Version 2","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/nordlayer.com\/blog\/salesforce-data-security\/","og_locale":"en_US","og_type":"article","og_title":"Salesforce data security: is native security enough? - Version 2","og_description":"Salesforce is a dominant player in the Customer Relatio [&hellip;]","og_url":"https:\/\/nordlayer.com\/blog\/salesforce-data-security\/","og_site_name":"Version 2","article_published_time":"2023-02-14T08:45:26+00:00","article_modified_time":"2024-09-13T08:31:43+00:00","og_image":[{"url":"https:\/\/images.ctfassets.net\/5natoedl294r\/66HnS5W1ZeiiMJsup7Yhlo\/33e9d715f423e1e83f08e9e228074681\/Data_security_in_Salesforce_cover_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp","type":"","width":"","height":""}],"author":"versionpan","twitter_card":"summary_large_image","twitter_misc":{"Written by":"versionpan","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/nordlayer.com\/blog\/salesforce-data-security\/#article","isPartOf":{"@id":"https:\/\/version-2.com\/2023\/02\/salesforce-data-security-is-native-security-enough\/"},"author":{"name":"versionpan","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/103ffe36f7fd34a1cc126a30431b94d8"},"headline":"Salesforce data security: is native security enough?","datePublished":"2023-02-14T08:45:26+00:00","dateModified":"2024-09-13T08:31:43+00:00","mainEntityOfPage":{"@id":"https:\/\/version-2.com\/2023\/02\/salesforce-data-security-is-native-security-enough\/"},"wordCount":1465,"publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"image":{"@id":"https:\/\/nordlayer.com\/blog\/salesforce-data-security\/#primaryimage"},"thumbnailUrl":"https:\/\/images.ctfassets.net\/5natoedl294r\/66HnS5W1ZeiiMJsup7Yhlo\/33e9d715f423e1e83f08e9e228074681\/Data_security_in_Salesforce_cover_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp","keywords":["Nord Security","2023","NordLayer"],"articleSection":["2023","NordLayer","Nord Security","Press Release"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/version-2.com\/2023\/02\/salesforce-data-security-is-native-security-enough\/","url":"https:\/\/nordlayer.com\/blog\/salesforce-data-security\/","name":"Salesforce data security: is native security enough? - Version 2","isPartOf":{"@id":"https:\/\/version-2.com\/zh\/#website"},"primaryImageOfPage":{"@id":"https:\/\/nordlayer.com\/blog\/salesforce-data-security\/#primaryimage"},"image":{"@id":"https:\/\/nordlayer.com\/blog\/salesforce-data-security\/#primaryimage"},"thumbnailUrl":"https:\/\/images.ctfassets.net\/5natoedl294r\/66HnS5W1ZeiiMJsup7Yhlo\/33e9d715f423e1e83f08e9e228074681\/Data_security_in_Salesforce_cover_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp","datePublished":"2023-02-14T08:45:26+00:00","dateModified":"2024-09-13T08:31:43+00:00","breadcrumb":{"@id":"https:\/\/nordlayer.com\/blog\/salesforce-data-security\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/nordlayer.com\/blog\/salesforce-data-security\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/nordlayer.com\/blog\/salesforce-data-security\/#primaryimage","url":"https:\/\/images.ctfassets.net\/5natoedl294r\/66HnS5W1ZeiiMJsup7Yhlo\/33e9d715f423e1e83f08e9e228074681\/Data_security_in_Salesforce_cover_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp","contentUrl":"https:\/\/images.ctfassets.net\/5natoedl294r\/66HnS5W1ZeiiMJsup7Yhlo\/33e9d715f423e1e83f08e9e228074681\/Data_security_in_Salesforce_cover_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp"},{"@type":"BreadcrumbList","@id":"https:\/\/nordlayer.com\/blog\/salesforce-data-security\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9801","item":"https:\/\/version-2.com\/"},{"@type":"ListItem","position":2,"name":"Salesforce data security: is native security enough?"}]},{"@type":"WebSite","@id":"https:\/\/version-2.com\/zh\/#website","url":"https:\/\/version-2.com\/zh\/","name":"Version 2","description":"","publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/version-2.com\/zh\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/version-2.com\/zh\/#organization","name":"Version 2","url":"https:\/\/version-2.com\/zh\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","contentUrl":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","width":1795,"height":335,"caption":"Version 2"},"image":{"@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/103ffe36f7fd34a1cc126a30431b94d8","name":"versionpan","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/72541e15024f6716236decb252e7488d4a7359d4df6f8506b01f447174f92c7c?s=96&d=identicon&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/72541e15024f6716236decb252e7488d4a7359d4df6f8506b01f447174f92c7c?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/72541e15024f6716236decb252e7488d4a7359d4df6f8506b01f447174f92c7c?s=96&d=identicon&r=g","caption":"versionpan"},"url":"https:\/\/version-2.com\/en\/author\/versionpan\/"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pbQRKm-gxB","post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts\/63587","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/users\/148637484"}],"replies":[{"embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/comments?post=63587"}],"version-history":[{"count":1,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts\/63587\/revisions"}],"predecessor-version":[{"id":64202,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts\/63587\/revisions\/64202"}],"wp:attachment":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/media?parent=63587"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/categories?post=63587"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/tags?post=63587"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}