Digitalization and Its Risks – How Secure Is Our Environment, and What Can We Do About It?
Digitalization creates opportunities for organizations to quickly increase their capacity. Automation, system integrations, and the implementation of third-party applications offer exceptional freedom and flexibility. However, as with all good things, there are also negative aspects. The introduction of thousands of moving parts makes it challenging to maintain an overview of the system and identify potential vulnerabilities. IT security is a major and crucial part of the implementation.
According to an analysis by Argon (an Aqua Security company), attacks on digital supply chains were three times more frequent in 2021 than in the previous year. This is an interesting analysis of IT security that we'd like to explore further and help you manage.
Current risks and how Salesforce may be affected
The risk of cyberattacks is a concern for every organization and business unit that has undergone a digital transformation and integrated third-party applications.
Salesforce, the CRM system that is used by more than 150,000 organizations around the world, is also at risk of these attacks. To date, Salesforce’s infrastructure has not been involved in any major incidents, but attacks with negative impact on users cannot, unfortunately, be ruled out in the future. That is why it is important to have a strategy and be aware of these issues.
Risks associated with integrated third-party applications via AppExchange
Salesforce can be highly customized for each area of use with the help of third-party applications, components, and cloud services. Salesforce AppExchange, their official app store, offers more than 3,400 apps. Examples of apps include ready-made integrations with e-signature solutions such as Scrive or Docusign, pre-built components for displaying lists, tools for managing data, or other features not available in the standard Salesforce platform. In addition, the organization can build its own integrations with external systems via SOAP or REST APIs.
The positive thing about third-party apps from AppExchange is that there are many options for an organization to find support for their customizations and add-ons in their Salesforce environment. But with every new addition to the environment, the organization's exposure to breaches and attacks increases.
How attacks via third-party applications can occur
Here, the attacker identifies a vulnerability in an application integrated with Salesforce (for example, a tool that retrieves data for analysis) and exploits it to gain access to the system.
An attacker may attempt to steal or damage data within Salesforce, but may also exploit the platform's capabilities as part of their attack chain. For example, malicious documents or web addresses may be shared within the environment, which unsuspecting users then download or interact with.
These users can then be exploited for their access to other systems. The attacker makes use of this new access and continues the attack deeper into the organization.
Best practices for mitigating digital risks and strengthening IT security
IT security is complex and cannot be solved with a magic bullet. Therefore, a multi-layered strategy is required to mitigate the risk of attacks where a combination of effective security solutions is applied alongside the right processes and policies.
Some of the key components of a Salesforce security strategy include:
- Implementation of APM (Application Portfolio Management)
APM is a framework for planning and evaluating applications, with the goal of measuring and optimizing their use throughout their lifecycle. This continuous approach includes a constant review of existing applications as well as the development of new ones. One example from a security perspective is to review the risks of external applications before they are introduced into the Salesforce environment. This includes investigating known vulnerabilities and previous incidents that the product (the application) and its supplier have been involved in, and verifying that these issues have been addressed and resolved. The APM process coordinates the review of future applications and the inventory of existing ones, and greatly assists in gaining an overview of potential vulnerabilities.
- Risk assessment of the potential impact of a breach.
In addition to reviewing the components and applications, the organization should assess the potential impact a breach could have on its environment.
- Get a centralized overview of third-party assets.
In large Salesforce environments, hundreds of third-party components may be integrated. Consequently, administrators must focus on maintaining a clear overview to reduce the risk of overlooking potential vulnerabilities. This is where a good APM process helps and simplifies things.
- Minimize misconfigurations and unauthorized access.
In addition to looking outward at your digital supply chain, you should also focus inward on your internal processes. Administrators should review their Salesforce environment and ensure that applications are configured correctly and with appropriate access rights. Following best practices regarding system access reduces the risk that an attacker can find vulnerabilities and also limits what the attacker could achieve if the system were to be compromised.
Implement an effective IT security response plan
In an age when data breaches are becoming increasingly common, even the most established organizations with robust security strategies are at risk of attacks, so it is important to have an effective plan in place.
In that case, the key is to prioritize a rapid process for detecting breaches and an effective response plan.
Salesforce Shield
The Salesforce Shield service provides access to features such as detailed logging and per-field encryption. This helps address and strengthen critical activity monitoring needs, which in turn is useful for detecting and analyzing incidents.
Organizations should have access to the tools and skills needed to identify the source of a breach and eliminate threats in the environment. Having a partnership with a Salesforce Partner can be one of the most cost-effective ways to achieve this.
Releye can assist with security reviews to ensure you are protected against attacks. This review includes the following (depending on complexity and specific requirements):
- A risk assessment, in the form of an analysis of your existing third-party integrations with Salesforce.
- Documentation of third-party components used in your solution and risk assessment.
- Review of your Salesforce solution's security configuration.
- Recommendations for managing existing integrations and components, as well as any changes that need to be implemented.