Wed, 8 February 2017
Today on the Salesforce Admins Podcast we’re speaking to two security experts, Laura Pelkey and Lynn Simons from our Security team at Salesforce. They have some really great security tips for admins and so much more.
Join us as Laura and Lynn share their insights on security best practices at Salesforce and what they’re doing to help make the lives of admins and customers easier and more secure. We’ll learn about the benefits of two factor authentication protocols and why it’s important that admins transition to TLS 1.1 or higher. All that and more from Laura Pelkey and Lynn Simons.
You should subscribe for the full episode, but here are a few takeaways from our conversation with Laura Pelkey and Lynn Simons.
Creating one stop shop for security needs.
As Lynn explains, “We want to make things easy for our community.” What they’ve been doing to make this happen: “we’ve been working on a web page that is a central hub for admins and customers. It will help them find what works for them and answer the questions they have about security. That URL is Salesforce.com/security,” says Lynn.
The website is chock-full of helpful resources. “You can even link back to admin.salesforce.com and have an assorted view of all the blog posts we’ve written for admins, all in one view,” says Lynn.
Making people feel the spark.
Laura has a background in security and has been with Salesforce for a little over 2 months, however she started as a Salesforce admin. As she explains, “I love talking about security. I’m super obsessed with it. I think it’s something that unites the world right now. It’s the universal struggle, everyone needs to be more secure and everyone is talking about it.”
What would she like to hear someone say to her at Dreamforce next year? “Wow that’s so interesting. You need to get people to feel the spark so that they direct themselves and ask: how can I be more secure? What can I do in my everyday life?” says Laura.
Lynn has also felt the spark. “Security in every fiber of what we do. That just got me jazzed because I realized that every single person had a role to play. I think that’s true for our customers too. Whether you’re a user, an admin or a dev there’s some element or way you’re interacting with this internet service that makes security relevant,” says Lynn.
As Lynn shares, “it’s the world we live in. It’s no different if you’re on LinkedIn or Facebook or Tweeting. These implications are everywhere. That’s what sparked me.”
Making things easier for customers with two factor authentication.
So, what updates are coming to the security landscape at Salesforce? Laura says, “a couple of updates that are coming out in the Spring release are easier and better ways to authenticate your logins,” says Laura.
As Laura shares, “two factor authentication is something we encourage everyone to adopt. It’s really the easiest thing you can do to better protect yourself and your data.”
Lynn chimes in, “we want security to be easy for our customers. In the upcoming releases you’re going to see it getting easier and easier to not only make your logins secure but it will be easier to configure that.”
Building good relationships with IT.
Lynn says the new updates are “going to make your life easier when dealing with IT. They’re going to back off a bit. It makes them have more faith in the security of your org.”
Admins can now configure a lot of things declaratively which allows them to take a leadership position within their company. “We’re trying to come with ways to make interacting with IT easier. It’s definitely worth the investment in that relationship, ” says Lynn.
Also, as Laura points out, building these relationships, “will position you as a security expert within your company.” She adds, “some of these simple configurations can be ways to build the relationship so when you want to make the bigger changes, that relationship is there already.”
It’s all about TLS.
TLS stands for Transport Layer Security. It’s a type of encryption protocol that helps with browser security. As Laura explains, Salesforce is in the process of switching to a more secure form of TLS. “Right now Salesforce runs on TLS 1.0, but that’s going to be switching to 1.1 or higher to align to security industry best practices. We want to be the most secure we can be for your data and the way to do that is stay current with the best practices in the field,” says Laura.
“This is something that we need to do to stay at the forefront of browser security. Since Salesforce runs in a browser we have to have the best protocols to protect data” says Lynn.
Admins need to transition to TLS 1.1 or higher. “If you’re a Salesforce admin you’re going to get an email about this, if you haven’t already and will walk you through the process. What we want to get across is that every customer needs to care about this. The first step is to see whether this affects you and then all the tools and support are there to help you,” explains Lynn.
We want to get your suggestions for guests on the podcast and we need your help! So tweet your guest suggestions and support to @SalesforceAdmns to help us get more Awesome Admins on the podcast.
We want to remind you that if you love what you hear, or even if you don’t head on over to iTunes and give us a review. It’s super easy to do and it really helps more Admins find the podcast. Plus, we would really appreciate it.