HELPING YOU MANAGE SECURITY POSTURE AND RISK FOR
SaaS Security Management for Salesforce Communities, Sites, and Guest Users can be difficult.
AppOmni makes it easier.
Salesforce’s Community and Site products are among their most widely adopted and powerful. Salesforce admins have the ability to create powerful partner and customer communities with the click of a button.
These communities are a great way to share information and collaborate with customers, partners, or employees. However, without proper management and continuous security monitoring, these communities can inadvertently become a serious risk to your business.
Access Across Communities
Regardless of the amount or type of community (portal, help forum, support site, etc) you have created, it is important to remember that they are all built on top of your Salesforce org. This means that any misconfigurations in the community site can create data exposure risks across your entire Salesforce ecosystem.
As part of AppOmni’s discovery capabilities, we are able to provide you insightful content across all your community users and configurations and highlight misconfigurations that could lead to potential data exposure.
As an example, we can quickly provide you information on Salesforce object access permissions for your community users, including detailed information about where and how Salesforce permissions has been granted in Salesforce. This incredibly powerful functionality allows you to gain instant visibility into what your community users have access to as well as how they have obtained permissions, which enables you to efficiently identify and remediate overly-permissive access to sensitive standard or custom Salesforce objects.
Ongoing Preventative Security Policies
You are likely aware that the users of these communities require specific licensing — customer community, customer community plus, or partner community — based on the use cases of the community. Each license provides varied levels of configuration and access capabilities to the underlying Salesforce org. Assumably, these license characteristics and permissions change or drift over the normal course of business. This creates the constant challenge of maintaining the right configuration and data policies both enable and protect the business.
We believe that providing you with continuous visibility across your Salesforce communities and sites is the first step in building a comprehensive approach to securing your Salesforce environment. Once you have this baseline, we can help you build and enforce the protection policies.
AppOmni provides default Salesforce Security Best Practices policies, which enable your Security and Salesforce teams to efficiently establish, create, and centrally manage Salesforce security policies. Examples of these policies include our Data Access policies (persona-based data access drift detection) and Security Posture (configuration drift detection) policies.
An area of specific focus should be on ensuring proper access permissions for Salesforce Guest users (unauthenticated users) as well as any other external-facing Salesforce accounts. We strongly recommend AppOmni policy development and deployment for continuous Salesforce data access monitoring for these types of external users. Real world exploitation has demonstrated that unauthenticated Guest users that have read/edit permissions create the potential for anonymous internet users gaining the ability to interact with Guest owned records and objects. That is why it is critical to have central visibility and enforcement around these types of community users.
Sharing and User Activity
Salesforce places a copious amount of emphasis on maintaining trust and providing security capabilities for their customers. They release community and site updates on a regular basis. These security updates are geared towards addressing risks and customer concerns. While these updates might be available, ensuring they are configured in each org requires the attention and time of the Security and Salesforce Admin teams.
AppOmni enables you to quickly identify and remediate risky configurations, improper access controls, and data exposures before an incident occurs. The AppOmni platform provides monitoring and detection capabilities that can be used to detect community risks to your company. For example, we can highlight permissions that would allow for a non-admin user the ability to grant community login access or let you quickly determine guest owned records that would allow for anonymous internet user access.
Once you have set the policies you would like to monitor, we provide the ability for you to tie into your existing security monitoring technologies or automate remediation via your existing workflows. You can now rest easy knowing that your Salesforce communities are protected with AppOmni.
AppOmni provides central visibility into your Salesforce environment, including Guest Owned records, in minutes.
GET A FREE RISK ASSESSMENT
According to Gartner, through 2025, at least 99% of cloud security failures will be the customer’s fault. Avoid being part of that statistic.