5 ways  F-Secure Cloud Protection works to complement  Salesforce  Shield 

Salesforce Shield is a premium service from Salesforce that helps Salesforce and InfoSec professionals build extra levels of trust, compliance and governance in business-critical apps such as Sales Cloud, Service Cloud or Experience Cloud. Shield provides enhancements that elevate basic encryption. This means an extra layer of protection for files that your employees upload to the cloud, so that if this data falls into the wrong hands it is harder to make use of. But this is not the same as security. 

Here are five ways that F-Secure Cloud Protection for Salesforce complements Shield: 

 

  1. F-Secure’s solution actively scans every file that is sent to the cloud for threats, and stops malicious content being uploaded. Shield encrypts data at rest, but it does not guarantee that encrypted files don’t contain harmful content or other malicious code. Because the data is encrypted by Shield, Salesforce cannot see what it is. This is great for privacy, but poses a security issue, which the F-Secure solution seeks to solve.  
     
  2. F-Secure Cloud Protection is a native application installed from Salesforce AppExchange and operating entirely within the Salesforce platform. It is fully compatible with Salesforce Shield encryption, and all data remain encrypted before, during and after threat analysis. 
     
  3. F-Secure complements Shield’s Event Monitoring by providing security events generated for every file and URL analyzed by F-Secure Cloud Protection. F-Secure’s analytics give full visibility of who uploaded or downloaded what, where and when they uploaded/downloaded it, plus an assessment of the reputation and safety of content. It can also notify Salesforce and security admins when threats are detected. 
     
  4. The F-Secure solution also comes with rich dashboards and reports that can be used in tandem with Shield’s Event Monitoring Analytics. 
     
  5. Shield monitors which pages internal and external users access within Salesforce Cloud. F-Secure Cloud Protection checks all external URLs that are shared and accessed by users. If URLs are found unsafe, the F-Secure app prevents users from visiting malicious web sites. 

How much responsibility do I have?

Many Salesforce customers assume that the security of their data is the responsibility of Salesforce. Exactly who is responsible for what is a complex issue (explored at length in our recent whitepaper), but the key point is that the customer always retains responsibility for everything that is uploaded to the platform by them, as well as managing the security of devices and credentials used to access the platform.  

If you want to learn more about F-Secure Cloud Protection for Salesforce you can download our recent whitepaper on the topic “Plugging the Gaps in Salesforce Cloud Security”.