What is a control in Salesforce

How Cloud App Security helps protect your Salesforce environment

  • 2 minutes to read

Applies to: Microsoft Cloud App Security

Important

Microsoft's Threat Prevention product names are changing. You can find more information about this and other updates here. We will be updating names in products and documentation in the near future.

As a major CRM cloud provider, Salesforce encompasses large amounts of sensitive information about customers, price replay books, and important business within your organization. As a business critical app, Salesforce is accessed by people in your organization and by others outside of IT (e.g. partners and contractors) for a variety of purposes. In many cases, a large proportion of your users who access Salesforce are low-security and your sensitive information can be compromised if it is accidentally shared. In other cases, malicious actors may gain access to the most confidential customer-related resources.

When you connect Salesforce to Cloud App Security, you get better insights into what your users are doing, provide threat detection using machine learning-based anomaly detections and information protection detections (such as detecting the release of external information), enable automatic corrective action, and detect threats of activated third-party apps in your organization.

Major threats

  • Compromised accounts and insider threats
  • Data leaks
  • Elevated rights
  • Inadequate security awareness
  • Malicious third-party apps and Google add-ons
  • Ransomware
  • Unmanaged bring-your-own-device (BYOD)

How Cloud App Security helps protect your environment

Control Salesforce with built-in policies and guidelines templates

You can use the following built-in policy templates to detect and notify you of potential threats:

For more information on creating policies, see Creating a Policy.

Automate governance controls

In addition to monitoring potential threats, you can apply and automate the following Salesforce governance actions to remediate detected threats:

typeaction
User governanceNotify users of pending alerts
-Send a DLP violation digest to file owners
-Block user
-Notify user of warning (via Azure AD)
-User has to sign in again (via Azure AD)
-Block user (via Azure AD)
OAuth app governanceRevoke OAuth app for user

For more information about addressing threats from apps, see Subcontrolling Connected Apps.

Protect Salesforce in real time

Find out about our best practices for securing and collaborating with outside users, and blocking and protecting sensitive data from being downloaded to unmanaged or risky devices.

Next Steps