How to Secure Your Salesforce Org with Transaction Security Policy : asagarwal

How to Secure Your Salesforce Org with Transaction Security Policy
by: asagarwal
Blog post content copied from Ashish Agarwal – Salesforce.com Architect & Blogger


TRUST is one of the core values of Salesforce and the foundation that it is built upon. Parker Harris, Salesforce co-founder, says, “Nothing is more important to our company than the privacy of our customers’ data”. Trust requires security, and Salesforce has developed various features over time to live up to that commitment. One such security feature is called Transaction Security Policy.

Transaction Security Policy in Salesforce

Using Transaction Security Policy, you can define events to monitor and take action when one of those events happens. Here are a few examples of the events that you can monitor:

  1. You want to block and notify the administrator when somebody tries to export the ‘Contact’ information
  2. You want to raise the session security to Two-Factor Authentication (2FA) when a user tries to access Salesforce from two different IP addresses within the last 24 hours
  3. You want to block the access when someone tries to log in from a particular country or from a particular operating system or browser
  4. You want to block chatter posts containing particular keywords
  5. You want to limit the concurrent number of sessions for a user or for an administrator
  6. etc…

And when these events occur, you can take these actions:

  1. Block – Don’t let the user complete the request
  2. Two-Factor Authentication – Step up the security and prompt the user to confirm identity by using two-factor authentication, such as the Salesforce Authenticator app
  3. Freeze user – Prevent further logins into your org by the user
  4. End session – Prompt the user to end an existing session when the number of concurrent sessions a user is allowed to have is strictly limited

I hope you get the gist of it now. But for one last time – Transaction Security is a framework that intercepts Salesforce events in real-time and applies appropriate actions and notifications based on the security policies you create. 

One more thing before we go any further. Please do note that Transaction Security Policy requires purchasing Salesforce Shield or Salesforce Event Monitoring add-on subscriptions. TSP, unfortunately, is not free 🙁 

So how do you configure Transaction Security Policy in your Salesforce Org? Here is a step-by-step guide, taking less than 30 minutes, on how to configure TSP in Salesforce. In this guide, we are going to apply TSP to two different events: first, we’ll block the user from exporting contact information, and second, we will step up the session security to two-factor authentication if a user tries to log in from two different IP addresses within 24 hours.
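
As an added example (not code from the original post or from Salesforce), here is one way the condition for the first policy, blocking Contact exports, could be written as an Apex class for an enhanced Transaction Security Policy. The class name `ContactExportCondition` is hypothetical, and treating `QueriedEntities` as a comma-separated list of object names is an assumption; the Block action and the administrator notification are selected on the policy in Setup, not in code.

```apex
// Added example: condition class for an enhanced Transaction Security Policy.
// ContactExportCondition is a hypothetical name. The policy that references
// this class decides the action (for example Block) and who gets notified.
global class ContactExportCondition implements TxnSecurity.EventCondition {

    // The platform calls evaluate() for each monitored event.
    // Returning true means the policy's action is triggered.
    public boolean evaluate(SObject event) {
        switch on event {
            when ReportEvent reportEvent {
                return touchesContact(reportEvent.QueriedEntities);
            }
            when ApiEvent apiEvent {
                return touchesContact(apiEvent.QueriedEntities);
            }
            when ListViewEvent listViewEvent {
                return touchesContact(listViewEvent.QueriedEntities);
            }
            // Unknown or missing events never trigger the policy.
            when null { return false; }
            when else { return false; }
        }
    }

    // Exact-name match instead of String.contains('Contact'), so objects
    // whose names merely include the word (such as AccountContactRelation)
    // do not trigger the policy.
    // Assumption: multiple entity names are separated by commas.
    private boolean touchesContact(String queriedEntities) {
        if (String.isBlank(queriedEntities)) {
            return false;
        }
        for (String entity : queriedEntities.split(',')) {
            if (entity.trim().equalsIgnoreCase('Contact')) {
                return true;
            }
        }
        return false;
    }
}
```

As written, the condition matches any monitored report, API query or list view event that reads Contact, so it is stricter than export-only blocking.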




References & Useful URLs:

  1. Trailhead Module – Enhanced Transaction Security –  https://trailhead.salesforce.com/content/learn/modules/enhanced_transaction_security
  2. Help Article – Enhanced Transaction Security – https://help.salesforce.com/articleView?id=sf.enhanced_transaction_security_policy_types.htm&type=5
  3. Enhanced Apex Transaction Security Implementation Examples – https://developer.salesforce.com/docs/atlas.en-us.securityImplGuide.meta/securityImplGuide/enhanced_transaction_security_policy_apex_examples.htm
  4. YouTube Video (23:00 mins) – Implementing Real-Time Actions with Transaction Security

Blog Post Change Log:

  • March 2021 – Replaced screenshots to show new ‘Condition Builder’ & ‘Apex’ methods to create Transaction Security Policy
  • April 2019 – 1st Published

The post How to Secure Your Salesforce Org with Transaction Security Policy appeared first on Ashish Agarwal - Salesforce.com Architect & Blogger.


March 04, 2021 at 03:30AM